This week Peter Joplin of Tivoli Software at IBM looks at ways of managing employee access to important and confidential business data.
A fact of current economic life is that employee turnover is on the increase.
Many retailers, for example, have turnover rates approaching 100 per cent, which means employees are coming and going at a rapid rate.
But what many companies don't realise is that when employees leave, they often take with them the firm's most precious assets: the mission-critical data that runs the business.
This could include customer account data, sales and inventory data, confidential business intelligence, and everything else stored in the company's internal systems.
Disgruntled employees can even go one step further and cause malicious damage to company systems.
While departing employees routinely return things like laptops and security badges, they hold on to the security IDs and passwords that provide access to the company's internal databases.
In fact, over 20 per cent of accounts on many company systems - mail systems and mainframes, for example - are for employees who have left the organisation, often as long as five years before.
So why haven't companies kept up with this growing security menace?
Most are just beginning to realise that the internet and e-business have opened doors to their business that did not exist until recently.
Companies have rushed to add new applications that allow employees, customers, suppliers and partners to do the things they need to do, which has speeded up work and produced huge productivity gains. Data that a few years ago was accessible only by fax or phone is now a mouse click away.
We are all beneficiaries of this incredible change. But a downside to this e-business progress is that companies have not bothered to integrate the applications they have been building, which has added greatly to the complexity and cost of administering IT.
Since applications are neither centrally managed nor integrated, users have multiple sign-ons to the same enterprise. This is why we have all those IDs and passwords we carry around in our heads - and keep forgetting.Help desks now spend much of their time doling out passwords instead of adding real value to the business.
Companies also have to keep track of all the new users entering the enterprise, along with which applications they have a right to access. These applications often run on different computing platforms with their own security requirements. And the users keep changing daily.
The end result is a situation in which companies are hard-pressed to know who is accessing the business for legitimate purposes.
A way out of this complexity is to create a centralised, integrated IT infrastructure that serves everyone's purpose.
Users can get a single sign-on to all the applications they need to access, and the enterprise can get a flexible, low-cost way to keep user authorisations fully updated while ensuring maximum business control.
This kind of security solution is being implemented now at one of the world's leading international food retailers, which has more than 8,500 supermarkets worldwide.
It is building an e-business infrastructure for more than 420,000 users that fits the business requirements of all the people tied to the enterprise - from employees and suppliers to customers.
Users will have a single sign-on to the parts of the business they need to do their jobs, and these access rights can be modified easily as their job requirements change.
Moreover, when employees leave the company, access rights can be removed in real time, while maintaining employee access to things like health and pension benefits that are required by law.
Similar flexibility will be available to administer access rights for all the retailer's end users.
This new centralised infrastructure is designed to save millions of dollars in administering its store operations. At the same time, it is designed to enable the retailer to increase its business control of these operations.
And that is important, because IT security is not about setting up unnecessary obstacles to business activity; it is about enabling people to do the things they need to do to be successful.
Security must become a business enabler, not an inhibitor.
The internet and e-business have changed how we do business forever. It is now time to complete the transformation by reducing the complexity and cost of running an e-business.
The security tools are at hand to do that.
Including a 15-inch Intel Core-powered device weighing less than a bag of sugar
Tuomo Suntola's ALD technology extended Moore's Law, but was only adopted by chip-makers in 2007
Trump proposes a $1.3bn fine and a round of firings to un-bork ZTE
Findings could mean new optical frequencies to transmit more data along optical cables