Enterprise system security plan
Executive summary
An enterprise security plan is an essential element for any organization as it helps to protect it. Enterprise system security has increasingly become important because of the increase in the incorporation of security into the operations of any organization. This is the case at Auburn Regional where the systems have been incorporated into the daily operations of the facility. The systems have been able to improve the efficiency of operations. However, an implementation of the enterprise systems security plan is ensured to protect the facility while further improving the efficiency of the operations. The five strategic objectives of data loss prevention, access controls, data management, risk management and cloud technology when implemented will ensure improved security, efficiency and reduce the operational costs of the organizations.
Strategic objectives of enterprise system security
Auburn regional is a small health care facility and matters of security are an important aspect to it just like in any other health care facility. Data loss prevention is an important aspect because the organizations deals with sensitive information which the patients provides to them. This information is critical to the patient as it helps to provide the appropriate care for the patient. An example is information on allergies and medical history will help to highlight the best cause of action. Loss of this information may be detrimental to the care provided. To create a data loss prevention strategy, it is important to identify the data, define how it moves, define the data prevention policies and educate the staff members on the policies (Fakhir, Fahiman & Ibrahim, 2015). Don't use plagiarised sources.Get your custom essay just from $11/page
Access control is a security tool which regulates the individuals who can see certain information or utilize specific resources. This feature helps to minimize risk to the organization. At Auburn Regional, the different staff members should have different clearance levels of access. The maintenance staff do not have any use of the patient’s information hence they should not be able to access it. This is just one example of many where the staff does not require to view the certain information. This enables accountability and there is an increased level of security for the patient’s information. This can be achieved by setting up access security control systems where each individual at Auburn Regional is given log in information where they are able to access only that which they require (Fakhir, Fahiman & Ibrahim, 2015).
Data management is an important element at Auburn regional because of the vast amount of data which the organization receives every time. There is a constant update of the already existing data because of changes in the patient’s conditions. Therefore, data management helps to ensure that the data is up to date and available in a timely manner. At Auburn Regional, data management will increase the efficiency of service provision since it would be based on up to date information being available whenever it is required. Data management strategy involves identification of the teams, roles and responsibilities and setting up a good communication plan to ensure the objective is achieved (May, Dhillon & Caldeira, 2013).
There are many risks which health care facilities such as Auburn Regional are often faced with. One major risk is the cyber risk because of the large amounts of data which I has. Therefore, the risk management strategy should aim at protecting the health care facility from any cyber-attacks. This will ensure that the information which it has is secure and the clients can easily trust them with their information as it would be secure. This can be achieved by incorporating security features into the system aimed at protecting it. The staff are also educated on the appropriate steps of using the system to avoid compromising it (May, Dhillan & Caldira, 2013).
Cloud technology involves the delivery of computing services over the internet. This is one strategy which a small health care facility such as Auburn Regional should utilize because it saves on cost. Unlike other systems, in cloud computing you only pay for what you have utilized therefore, it significantly helps in reducing the costs associated with the management of the system. The implementation of cloud technology will help to lower operational costs while helping the facility to run more efficiently. It also flexible and accommodates changes as they occur within the organization. This can be achieved by utilizing computing services such as storage, networking, analytics, software and intelligence among many others over the internet (Marakas & O’Brian, 2013).
Recommendations
Technology is fast evolving and security measures which are applicable today may not be applicable tomorrow. Therefore, the enterprise system security should be constantly updated to ensure that the strategies which have been put in place are sufficient for the existing technology. The enterprise system security should solicit the help of all the staff members within the health care facility. The staff members are the users of the system and their feedback is paramount in helping to identify any shortcomings which may be existing within the system. Finally, the recommendations of the plan should also ensure that they are factored in by providing training on the appropriate ways of operating the system (Marakas & O’Brian, 2013). This will help to achieve the strategic objectives which have been set.