Enterprise security architecture in business convergence environments
Abstract
Purpose
To provide the strategic model of approach which helps enterprise executives to solve the managerial problems of planning, implementation and operation about information security in business convergence environments.
Design/methodology/approach
A risk analysis method and baseline controls of BS7799 were used to generate security patterns of business convergence. With the analysis of existing enterprise architecture (EA) methods, the framework of the enterprise security architecture was designed.
Findings
The adaptive framework, including the security patterns with quantitative factors, enterprise security architecture with 18 dimensions, and reference models in business convergence environments, is provided.
Research limitations/implications
Information assets and baseline controls should be subdivided to provide more detailed risk factors and weight factors of each business convergence strategy. Case studies should be performed continuously to consolidate contents of best practices.
Practical implications
With the enterprise security architecture provided in this paper, an enterprise that tries to create a value‐added business model using convergence model can adapt itself to mitigate security risks and reduce potential losses.
Originality/value
This paper outlined the business risks in convergence environments with risk analysis and baseline controls. It is aguably the first attempt to adapt the EA approach for enterprise executives to solve the security problems of business convergence.
Keywords
Citation
Kim, S. and Seong Leem, C. (2005), "Enterprise security architecture in business convergence environments", Industrial Management & Data Systems, Vol. 105 No. 7, pp. 919-936. https://doi.org/10.1108/02635570510616111
Publisher
:Emerald Group Publishing Limited
Copyright © 2005, Emerald Group Publishing Limited