1. Human errors - fraud risks
Fraud impacts organizations in several areas including financially, operationally and psychologically. While the monetary loss due to fraud is significant, its full impact of fraud on an organization can be staggering. Its loss of reputation, goodwill and customer relations can be devastating.
The risk of employees misusing confidential information and colluding with fraudsters.
A fraud risk management strategy is key to a successful anti-fraud program. The implementation of a fraud risk management strategy is an important first step in terms of aligning the fraud risk management activities of the organization with the risk environment within which it operates, and with the risk appetite of the organization.
Fraud management program creates a framework for tracking and monitoring the processes and transactions to identify potential fraud and leakages therein, builds analytical tools and capabilities to identify and mitigate quantum of losses from various fraud incidences, and finally, increases levels of
awareness in this regard, both within organizations and in the industry as a whole.
awareness in this regard, both within organizations and in the industry as a whole.
Fraud policy
An effective communication program is essential if the fraud policy framework is to deliver maximum benefit to the organization.The content of the policies (particularly any changes to those policies) needs to be continually communicated to staff and other key stakeholders, so that the behaviors inherent in those policies become part of the ‘way we do business around here’.
It reduces the risk of sanctions being applied by the organization in relation to fraud being challenged e.g. staff member disputing dismissal for a fraud related incident.
It helps staff to determine what course of action to take when facing ethical dilemmas or ‘grey areas’.
Ernst & Young’s Fraud Investigation & Dispute Services (FIDS)
FIDS team has specific domain knowledge, along with wide industry experience.
•Forensic technology - use sophisticated tools and established forensic techniques to provide the requisite services to address individual client challenges.
• Global exposure - Several of our team members have been trained on international engagements to obtain global exposure on fraud scenarios.
• Market intelligence - have dedicated field professionals, who are specifically experienced and trained in corporate intelligence, and are capable of conducting extensive market intelligence and background studies on various subjects, industries, companies and people.
• Thought leadership - have a significant repository of thought leadership reports and white papers.
• Qualified professionals - have a qualified and experienced mix of certified fraud examiners, CIAs, CAs, CISAs, engineers, MBAs and computer forensic professionals.
Services provided:
• Fraud risk management
• Brand protection
• Technology
• Regulatory compliance
• Corporate intelligence
• Fraud investigation
• Dispute advisory services
• Anti-bribery program
2. Cyber crime
Mobile computing devices (e.g., laptops, tablet PCs, multimedia enabled smartphones) are in widespread use, allowing individuals to access and distribute business information from anywhere and at any time. Recent improvements in mobile applications, bandwidth and connectivity have made it possible to interact with information like never before: accessing information-intensive reports, retrieving corporate data and even conducting remote meetings from a mobile device.
The increased use of mobile computing devices for business purposes is not without serious risks. The popularity and widespread use of these devices has led to the unwanted, but somewhat predictable, outcome of such devices becoming a target for computer viruses and sophisticated mobile malware. In addition, due to the small size of the portable devices,
simple theft of the device is also a real concern.
The most serious risk associated with mobile computing is the potential loss or leakage of
important business information. When we asked our survey participants to identify their
top five areas of IT risk, 64% of respondents indicated that data (i.e., disclosure of sensitive
data) was one of their top five IT risk areas, second only in overall ranking to the continuous
availability of critical IT resources.
Data leakage prevention
Data leakage prevention (also known as data loss prevention or information leak prevention) is the combination of tools and processes for identifying, monitoring and protecting sensitive data or information according to an organization’s policies or government and industry regulations. Data leakage prevention services will typically focus on preventing specific data or information from leaking out of the organization and detecting any unauthorized access or transmission of sensitive data.
3.Environmental hazards
Scalable WAN Acceleration for the Security-Conscious Enterprise.
The WAN is undergoing a transformation as a result of many key enterprise initiatives.These include business continuity and disaster recovery (both of which drive the need for network backup and data replication), server and storage consolidation. WAN acceleration appliances incorporate a collection of techniques that transparently and securely optimize WAN traffic to mitigate the impact of limited bandwidth, latency and packet loss for any collection of IP-based applications. The more advanced techniques are ‘data reduction’, latency mitigation and error correction, which recovers from dropped packets in the network.
Silver Peak
Ernst and Young, a global leader in professional services, has large data centers and distributed offices throughout the world. In Canada, for example, the firm is paying for expensive 500 Mbps SONET connections between Toronto and Montreal to serve over 4,000 users. The company rarely could achieve more than 10% utilization on that link, making it difficult to perform real-time data replication using Double-Take software. This also made it difficult to deliver other applications from these offices, including Lotus Notes and Microsoft file services.
"Silver Peak’s WAN acceleration opened up a lot of possibilities - from centralizing servers to implementing virtual tape libraries in our data centers” — Assistant Director for Information Security
Results:
Optimized SONET backbone; Enabled centralized application delivery across WAN
47x peak improvement in data replication (achieved 475 Mbps throughput)
73x peak improvement on CIFS traffic (achieved 220 Mbps throughput)
47x peak improvement with FTP (achieved 475 Mbps throughput)
20x peak improvement on Lotus Notes (achieved 60 Mbps throughput)
Referencing:
http://www.silver-peak.com/assets/download/pdf/Disaster-Recovery-Research-ZD.pdf
No comments:
Post a Comment