Service Level Management (SLM)
Points to Better Security On-Line
London, UK - 6th February 2001, 0830 GMT - On
the day of the British Bankers' Association (BBA) conference on Service Level
Agreements (SLA) in London, mi2g software has stated that due to the
perpetual and escalating threat in online security, SLAs do not work on their
own for financial institutions.
Online security needs to be addressed strategically through
long term Service Level Management (SLM) directives at board level rather
than piecemeal cost saving SLAs negotiated ad hoc by departmental heads.
"SLAs that achieve the short term goal of
individual department heads can increase the security risk from penetration
when they do not take into account the overall business strategy of the financial
institution" said D K Matai, Managing Director, mi2g
software."SLM is the combination of precise
strategically placed levers that achieves a macro service level balance rather
than a number of separately negotiated SLAs that can leave gaping holes in
the organisation's defences as it negotiates strategic alliances."
When security fails within a major bank or financial services
company, it is rarely just an outsourcing issue or the case that one SLA was
incorrectly drafted. It is the lack of an adequate board level strategy for
dealing with online security that produces the weakest link in the security
"Online security is paramount for any organisation
seeking to do business or offer services electronically. Expertly tailored
SLAs and the management of such SLAs are important elements in ensuring
the high level of IT system performance and security that the market requires"
said Rafi Azim-Khan of McDermott Will & Emery`s eBusiness
Group, who helped develop the conference programme for the BBA.
Unless SLM is developed at a strategic level for the business
to manage the mission-critical applications that provide adequate levels of
service to IT and business users, the enterprise will be looking to apportion
blame through the SLAs as opposed to serving customers swiftly after a security
SLM and Bespoke Security Architecture are two valuable
parts of eRisk Management that the boards of major financial institutions
need to take into account when eEnabling their businesses securely.
About the BBA Conference:
The BBA stands for the British Bankers' Association. This
is a not-for-profit organisation, representing the banking industry in the
UK. It is funded by subscriptions from member banks of which there are some
300 from and associate members from 60 different countries.
The BBA Conference on "Service Level Agreements"
is scheduled for 6th February 2001 at Pinners Hall, 105-108 Old Broad Street,
London, EC2 1EX. For further information please contact Marilyn Grey (firstname.lastname@example.org).
Direct Line: 020 7216 8813. The event will start at 9:30am and conclude at
McDermott Will & Emery and mi2g software are
speaking at the event for about 60 bankers.
About McDermott Will
McDermott, Will & Emery is an international law firm
with more than 900 attorneys in eleven offices worldwide. The firm has a full-service
presence, which includes a team of over 80 e-business law specialists and
an e-banking focus group with substantial expertise of issues such as PKI
infrastructure, B2B and B2B trading as well as the raft of other IT contracting
About mi2g (www.mi2g.com):
mi2g software works with
financial services groups, both large and small, to change and eEnable their
entire business. We automate our clients' business in such a way that they
and their customers can use the World Wide Web both to increase their business
volume and reduce their overall cost base. mi2g eBusiness Solutions
Engineering pays particular regard to security and advises on the management
of eRisk, which incorporates Bespoke Security Architecture. mi2g's
clients are mainly from the banking, insurance and reinsurance sectors.
What is Bespoke Security Architecture?
Most organisations believe that a firewall is enough to
secure their sites. Bespoke security architecture brings together firewall
layers, intrusion detection and other defensive structures, as well as automated
intelligence techniques with legal, human resource and company policies.
What is eRisk Management?
eRisk Management deals with a variety of issues. associated
with implementing an eBusiness. integrating SLM. It includes selecting the
optimum. technology set, managing external partners and. alliances, linking
payments to targets, defining. rigorous quality control procedures, managing.
the growth in online traffic post launch, achieving. the expected return on
investment, and bringing. about the changes in the corporate culture. required
for successful eBusiness.