Any type of plan or policy is only as strong as the weakest link.The best example of this is passwords.You can find them everywhere—on the back of employees' keyboards, in the top drawers of their desks, or on Post-Its that always seem to be stuck on their monitors. Often this is done not because employees are unable to remember them, but because nobody told them just how important passwords are.They only know that they need them to get into their computers. Sometimes they have more than one password because they also have to access other systems, which they might see as even more reason to make a list of them. Often, when employees do know enough not to write their passwords down for security reasons, they select passwords that are easy to remember instead. Some examples are the name of a spouse, child, dog, or favorite goldfish. For a person with malicious intent, these passwords are relatively easy to discover, by using social engineering.
More and more organizations are realizing that security is not only about technology, but also about people. They are beginning to understand that security awareness is an important part of the introduction of new employees to the organization, and integral to the training programs for existing employees.
The introduction of BizTalk in your infrastructure is a good reason to put a security awareness program in place. Because BizTalk not only automates business processes, but also integrates individual information systems, or at least connects them, it will make it easier for misuse to propagate without being noticed.This is especially true if BizTalk is directly connected to the outside world. If this is the case, things can get nasty.
Was this article helpful?