Authentication and Access Control

Threats to your data can come from external or internal sources.

  1. There are individuals who don’t have the authorisation but are driven by malicious intentions to gain access to certain information. This may refer to individuals who already belong to your organisation (but don’t have the necessary access rights) as well as those who don’t.
  2. There are individuals who have both the authorisation and, unfortunately, the malicious intentions over certain information.
  3. Finally, there are individuals who have the authorisation, no malicious intentions, but have accidentally exposed the information in question to those without the proper authority.

While curbing threats 2 and 3 would require other methods, threat #1 can be countered if the right authentication and access control systems are in place.

Here’s what we can do for you:

  • Work with your key personnel to determine who gets access to what.
  • Help you decide whether a single factor or a two-factor authentication (2FA) is appropriate for your organisation and recommend which factors are most suitable. Login methods may include but are not limited to the following:
    • biometric devices
    • Kerberos tickets
    • mobile phones
    • passwords
    • PKI certificates
    • proximity cards
    • smart cards
    • tokens
  • Install the necessary infrastructure needed for the factors chosen. For instance, if you opt to use biometrics, then biometric scanners will be installed. We’ll make sure that the authentication terminals are situated in places where achieving optimal traffic and work flow has been taken into consideration.

Other defences we’re capable of putting up include:

Check our similar posts

Energy Audit – clearly clear?

An energy audit is an examination of an energy system to ensure that energy is being used efficiently. It is the inspection, survey and analysis of energy flows for energy conservation in a building. Energy audits can be conducted by building managers who examine the energy account of an energy system, checks the way energy is used in its various components, checks for areas of inefficiency or where less energy can be used, and identifies the means for improvement.

An energy audit is often used to identify cost effective ways to improve the comfort and efficiency of buildings. In addition, homes/ enterprises may qualify for energy efficiency grants from central government. Energy audits seek to prioritise the energy uses from the greatest to least cost effective opportunities for energy savings.

An energy audit is an effective energy management tool. By identifying and implementing improvements as identified, savings can be achieved not only on energy bills, but also equipment will be able to attain a longer life under efficient operation. All these mean actual dollar savings.

An energy audit has to be conducted by a competent person with adequate technical knowledge on building services installations, after which he/she comes up with a report recommending plans on the Energy Management Opportunities (EMO) for energy saving.

An energy audit culminates to a written report. This could show energy use for a given time period (for example a year) and the impact of any suggested improvements per year. Energy audit reports are then used to identify cost effective ways to improve the comfort and efficiency of buildings. The energy audit report therefore gives management an understanding of the energy consumption scenario and energy saving plans formulation.
Energy audit reports should always translate into action. No matter how well articulated, the energy management objectives are afterall, an energy audit (EMOs), all the effort will be futile if no action is taken. The link between the audit and action is the audit report. It is therefore important for the audit reports to be understandable for all the target audiences/ readers, all of whom may have diverse needs, hence the reason why they should be clear, concise and comprehensible.

What are the do?s and don’ts when writing energy audit reports?

Avoid technical jargon as much as possible; present information graphically; use different graphics such as pie charts, data tables. Schematics of equipment layouts and digital photos tend to make EMO reports less dry. Some of the energy audit software?s come in handy in the generation of such graphs and charts.
The climax of it all is the recommendations, which should be made very fascinating.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
User-Friendly RASCI Accountability Matrices

Right now, you’re probably thinking that’s a statement of opposites. Something dreamed up by a consultant to impress, or just to fill a blog page. But wait. What if I taught you to create order in procedural chaos in five minutes flat? ?Would you be interested then?

The first step is to create a story line ?

Let’s imagine five friends decide to row a boat across a river to an island. Mary is in charge and responsible for steering in the right direction. John on the other hand is going to do the rowing, while Sue who once watched a rowing competition will be on hand to give advice. James will sit up front so he can tell Mary when they have arrived. Finally Kevin is going to have a snooze but wants James to wake him up just before they reach the island.

That’s kind of hard to follow, isn’t it ?

Let’s see if we can make some sense of it with a basic RASCI diagram ?

Responsibility Matrix: Rowing to the Island
Activity Responsible Accountable Supportive Consulted Informed
Person John Mary Sue James Kevin
Role Oarsman Captain Consultant Navigator Sleeper

?

Now let’s add a simple timeline ?

Responsibility Matrix: Rowing to the Island
? Sue John Mary James Kevin
Gives Direction ? ? A ? ?
Rows the Boat ? R ? ? ?
Provides Advice S ? ? ? ?
Announces Arrival ? ? A C ?
Surfaces From Sleep ? ? ? C I
Ties Boat to Tree ? ? A ? ?

?

Things are more complicated in reality ?

Quite correct. Although if I had jumped in at the detail end I might have lost you. Here?s a more serious example.

rasci

?

There?s absolutely no necessity for you so examine the diagram in any detail, other to note the method is even more valuable in large, corporate environments. This one is actually a RACI diagram because there are no supportive roles (which is the way the system was originally configured).

Other varieties you may come across include PACSI (perform, accountable, control, suggest, inform), and RACI-VS that adds verifier and signatory to the original mix. There are several more you can look at Wikipedia if you like.

Making Click-and-Collect click

In my previous post, I introduced you to integrated e-commerce and explained why it is the right way to extend your business online. If you already have a brick-and-mortar retailing business and you’re looking to improve your online presence, you could start offering a click-and-collect service.

With click-and-collect, customers order online and then collect their merchandise from one of the retailer?s local branches. Why would they want to do that?

Apparently, there are buyers who now prefer a click-and-collect service over the delivery service of a purely online retailer. With the latter, they sometimes have to wait forever for the delivery van to arrive or contend with a missed-delivery card.

Basically, customers who want both the convenience of placing orders online and better control of their time find click-and-collect a better option.

Last December 2011, IMRG (Interactive Media in Retail Group) reported a ?significant rise in the percentage of click-and-collect e-retail sales in the 3rd quarter of 2011?. This accounted for 10.4% of all e-retail sales in that quarter. More specifically, the gain was 7.4%, which was also the strongest quarterly gain since IMRG started collecting this data.

Clearly, this particular service is gaining popularity. But how do you meet the rising demand in this area?

A click-and-collect service requires a highly synchronised ecosystem. You don’t want to have a customer order items from your online store, drive a couple of minutes from his house to your nearest outlet, only to find out that one of the items is no longer available.

This can only work if all systems involved are interconnected. Changes in the inventory in your individual outlets should reflect on your database in real time. In turn, these changes have to be reflected instantly on your online store. Conversely, once a buyer has picked items online and is already directed to a local outlet, those items have to be reserved there.

But that’s not all. Your system has to be seamless enough to support fast and reliable service. You don’t want your buyer to have to wait a long time before the items are ready for pick-up. It also has to be capable of tracking the status of ordered products, handling uncollected orders, and monitoring inventory.

By implementing an integrated e-commerce system, these won’t be the only things you?d be able to do. You can even add more value to your service. For example, you can connect to your CRM and learn more about your customers? purchase history, buying habits, and preferences.

That way, it would be easier for you to provide a faster and more convenient buying experience for them in the future.

Click-and-collect is a very promising way to increase your sales and improve customer loyalty.

Ready to work with Denizon?

Contact Us Today