Risk Assessment

Risk assessment is a vital component in BC (Business Continuity) planning. Through risk assessment, your company may determine what vulnerabilities your assets possess. Not only that, you’ll also be able to quantify the loss of value of each asset against a specific threat. That way, you can rank them so that assets that are most likely to cripple your business when say a specific disaster strikes can be given top priority.

However, a poorly implemented risk assessment may also cost you unnecessary expenditures. Many risk assessors are too enthusiastic in pointing out risks that, at the end of the assessment, they tend to over-appraise even those having practically zero probability of ever occurring.

We can assure you of a realistic assessment of your assets’ risks and propose cost-effective countermeasures. These are the things we can do:

  • Identify your unsafe practices and propose the best alternatives.
  • Perform qualitative risk assessment if you want fast results and lesser interruptions on your operations.
  • Perform quantitative risk assessment if you want the most accurate depiction of your risks and the corresponding justifiable costs of each.
  • Conduct frequency and consequence analysis to identify unforeseen harmful events and determine their effects to various components of your organisation and its surroundings.

We can also assist you with the following:

Check our similar posts

EU Energy Efficiency Directive & UK?s ESOS

In 2012 the European Union passed its EU Energy Efficiency Directive (EED) into law. This aims to reduce overall energy consumption by 20% by 2020. It placed an obligation on member states to pass back-to-back local legislation by June 2014.

EED Guidelines

The EED provides specific guidelines it expects member nations to address. The list is long and here are a few excerpts from it:

  • Large companies must use energy audits to identify ways to cut their energy consumption
  • Small and medium companies must be incentivised to voluntarily take similar steps
  • Public sector bodies must purchase energy-efficient buildings, products and services
  • Private energy-consumers must be empowered with information to help manage demand
  • Energy distributors / resellers must cut their own consumption by 1.5% annually
  • Legislators are free to substitute green building technology e.g. through better insulation
  • Every year, European governments must audit 3% of the buildings they own

Definition of Energy Audit

An energy-consumption audit is a question of measuring demand throughout a supply grid, with particular attention to individual modules and high demand equipment. While this could be an exercise repeated every four years to satisfy ESOS, it makes more sense to incorporate it into the monthly energy billing cycle.

Because energy use is not consistent but varies according to production cycle, this can produce reams of printouts designed to frustrate busy managers. ecoVaro offers an inexpensive, cloud-based analytic service that effortlessly accepts client data and returns it in the form of high-level graphic summaries.

Potential ESOS Beneficiaries

As many as 9,000 UK companies are obligated to do energy audits because they employ more than 250 employees, have a balance sheet total over ?36.5m or an annual turnover in excess of ?42m. Any smaller enterprise that finds energy a significant input cost, should also consider enlisting Ecovaro to help it to:

  • Obtain a better understanding of the energy side of their business
  • Achieve energy savings and share in a estimated ?3bn bonanza to 2030
  • Reduce carbon emissions to help meet their CRC commitments

More About ecoVaro

We offer web-based energy management software that helps you measure and manage energy costs. This strips data from your meters and generates personalised reports on a dashboard you control. This information helps you accurately zoom in on worthwhile opportunities. With Ecovaro on your side, ESOS truly becomes an Energy Saving OPPORTUNITY Scheme.

Finding the Best Structure for Your Enterprise Development Team

An enterprise development team is a small group of dedicated specialists. They may focus on a new business project such as an IoT solution. Members of microteams cooperate with ideas while functioning semi-independently. These self-managing specialists are scarce in the job market. Thus, they are a relatively expensive resource and we must optimise their role.

Organisation?Size and Enterprise Development Team Structure

Organisation structure depends on the size of the business and the industry in which it functions. An enterprise development team for a micro business may be a few freelancers burning candles at both ends. While a large corporate may have a herd of full-timers with their own building. Most IoT solutions are born out of the efforts of microteams.

In this regard, Bill Gates and Mark Zuckerberg blazed the trail with Microsoft and Facebook. They were both college students at the time, and both abandoned their business studies to follow their dreams. There is a strong case for liberating developers from top-down structures, and keeping management and initiative at arm?s length.

The Case for Separating Microteams from the?Organisation

Microsoft Corporation went on to become a massive corporate, with 114,000 employees, and its founder Bill Gates arguably one of the richest people in the world. Yet even it admits there are limitations to size. In Chapter 2 of its Visual Studio 6.0 program it says,

‘today’s component-based enterprise applications are different from traditional business applications in many ways. To build them successfully, you need not only new programming tools and architectures, but also new development and project management strategies.?

Microsoft goes on to confirm that traditional, top-down structures are inappropriate for component-based systems such as IoT solutions. We have moved on from ?monolithic, self-contained, standalone systems,? it says, ?where these worked relatively well.?

Microsoft’s model for enterprise development teams envisages individual members dedicated to one or more specific roles as follows:

  • Product Manager ? owns the vision statement and communicates progress
  • Program Manager ? owns the application specification and coordinates
  • Developer ? delivers a functional, fully-complying solution to specification
  • Quality Assurer ? verifies that the design complies with the specification
  • User Educator ? develops and publishes online and printed documentation
  • Logistics Planner ? ensures smooth rollout and deployment of the solution

Three Broad Structures for Microteams working on IoT Solutions

The organisation structure of an enterprise development team should also mirror the size of the business, and the industry in which it functions. While a large one may manage small microteams of employee specialists successfully, it will have to ring-fence them to preserve them from bureaucratic influence. A medium-size organisation may call in a ?big six? consultancy on a project basis. However, an independently sourced micro-team is the solution for a small business with say up to 100 employees.

The Case for Freelancing Individuals versus Functional Microteams

While it may be doable to source a virtual enterprise development team on a contracting portal, a fair amount of management input may be necessary before they weld into a well-oiled team. Remember, members of a micro-team must cooperate with ideas while functioning semi-independently. The spirit of cooperation takes time to incubate, and then grow.

This is the argument, briefly, for outsourcing your IoT project, and bringing in a professional, fully integrated micro-team to do the job quickly, and effectively. We can lay on whatever combination you require of project managers, program managers, developers, quality assurers, user educators, and logistic planners. We will manage the micro-team, the process, and the success of the project on your behalf while you get on running your business, which is what you do best.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
The General Data Protection Regulation & The Duty to use Encryption

The General Data Protection Regulation, abbreviated to GDPR, raised a storm when it arrived. In reality, it merely tightened up on existing good practice according to digital security specialists Gemalto. The right to withhold consent and to be forgotten has always been there, for example. However, the GDPR brings a free enforcement service for consumers, thus avoiding the need for third party, paid assistance.

The GDPR Bottom Lines for Data Security
Moreover, the GDPR has penalties it can apply, of the order that might have a judge choking on his wig. Under it, data security measures such as pseudonymisation (substitution of identifying fields) and encryption (encoding including password protection) have become mandatory. Businesses must further respect their client data by:

a) Storing it in a secure environment supported by robust services and systems

b) Having proven measures to restore availability and access after a breach

c) Being able to prove frequent effectiveness testing of these measures.

The General Data Protection Regulation places an onus on businesses to report any data breaches. This places us in a difficult situation. We must either face at least a wrist slap upon reporting failures. Alternatively, pay a fine of up to ?10 million, or 2% of total worldwide annual turnover.

The Engineered Weak Link in the System
Our greatest threat of breach is probably when the data leaves our secure environment, and travels across cyberspace to an employee, stakeholder, collaborator, or the client themselves. Since email became open to attack, businesses and individuals have turned to sharing platforms like Dropbox, Google Drive, Skydrive, and so on. While these do allow an additional layer of password protection, none of these has proved foolproof. The GDPR may still fine us heavily, whether or not we are to blame for the actual breach.

How Hacking is Approaching Being a Science
We may make a mistake we may regret, if we do not take hacking seriously. The 10 worst data hacks Identity Force lists are proof positive that spending lots of money does not guarantee security (any more than having the biggest stock of nuclear weapons). We have to be smart, and start thinking the way that hackers do.

Hacker heaven is finding an Experian or a Dun & Bradstreet that may have shielded 143 million, and 33 million consumer records respectively, behind a single, flimsy cyber-security door. Ignorance is no excuse for them. They should simply have known better. They should have rendered consumer data unreadable at individual record level. The hackers could have found this too demanding to unpick, and have looked elsewhere.

How Data Encryption Can Help Prevent Hackers Succeeding
Encrypting data is dashboard driven, and businesses need not concern themselves about it works. There are, however, a few basic decisions they must take:

a) Purge the database of all information held without explicit permission

b) Challenge the need for the remaining data and purge the nice-to-haves

c) Adopt a policy of encrypting access at business and customer interfaces

d) Register with three freemium encryption services that seem acceptable

e) After experimenting, sign up for a premium service and be prepared to pay

Factors to Consider When Reaching a Decision
Life Hacker?suggests the following criteria although the list is a one-size-fits-all

a) Is the system fast, simple, and easy to operate

b) Can you encrypt hidden volumes within volumes

c) Can you mass-encrypt a batch of files easily

d) Do all other files remain encrypted when you open one

e) Do files automatically re-encrypt when you close them

f) How confident are you with the vendor, on a scale of 1 to 10

It may be wise to encrypt all the files on your system, and not just your customer data. We are always open to a hack by the competition after our strategic planning. If we leave the decision up to IT, then IT, being human may take the easy way out, and encrypt as little as possible.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today