"The absence of legislative frameworks to entrench the King II Report and much comparative levels to the US Sarbanes-Oxley Act and other international regulatory frameworks leaves the public and private sector open to huge opportunities for information distraction or manipulation in South Africa," says the CEO of Computek, Harry Chakhala.
Chakhala said the current situation in terms of information management and protection in government, public and private organisations, leaves itself to be vulnerable to sabotage, shredding, copying and deleting without anyone being held directly responsible.
"South African institutions, investors and the public are left vulnerable to excuses for poor information management and other risks such as disgruntled management and employees destroying and tampering with information.
"Information systems are not protected and we do not have legislative measures in place to guard against such vulnerabilities. The Enron, Tyco International, Peregrine Systems and WorldCom scandals in the US, are prime examples of the seriousness of the matter. The forces in our country are simply not moving fast enough to have legislative measures in place and as a result there are no recommended or prescribed controlling mechanisms to prevent loss and tampering of information," Chakhala said.
Despite the legislative gap, which should be aimed at preserving and protecting information in all sectors, Computek is now able to address the current situation by means of solutions that are able to secure information through identity and access management, auditing, manage information, monitor and track network users. These solutions are available to ensure compliance with the King II Report, PFMA, SOX, CoBiT, ITIL, IEC 27002, ISO 17799, etc, which provides guidelines for information management in compliance to the various legislative requirements locally and globally. The solutions also ensure that network administration is subject to controlling mechanisms from a central location.
Computek, as a Microsoft Gold Certified Partner, implements solutions for identity and access management, auditing and compliance in order to identify users and have control measures in place to monitor and control the system environment. Netpro and Centrify are two world-class solutions used to identify users, audit and manage systems from centralised Active Directory (AD) infrastructure.
"Companies should guard their information and systems, both internally and externally."
These two solutions available for Microsoft and non-Microsoft platforms respectively are available at Computek. Furthermore, to address the issue of information protection and infrastructure management, Computek has formed an AD Strategy Community Group to impart knowledge to educate the IT specialists on best practices to maintain their Microsoft environments to world-class infrastructure and security standards. The Strategy Group shares information and implements recommendations to ensure up-to-date infrastructure.
"We are certainly striving towards a more secure and protected environment, and has made great strides providing solutions for the government and business sector. In lieu of any legislation, companies can already implement measures to protect themselves. A number of large corporate and certain government institutions are already investigating measures to secure their infrastructure management, security, identity and access management," Chakhala said.
Share