Siemens Ki Dunya - Siemens Pakistan
Siemens Ki Dunya - Siemens Pakistan
Siemens Ki Dunya - Siemens Pakistan
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Corporate Information Technology<br />
Corporate Information Technology<br />
Drills Path to Secure <strong>Siemens</strong><br />
Spreading Information Security<br />
Awareness<br />
The most valuable assets of any<br />
organization are its<br />
people, information,<br />
operations and systems.<br />
Companies face threats<br />
to these assets everyday<br />
in the form of computer<br />
viruses, network attacks,<br />
fraud, industrial espionage,<br />
and even natural<br />
disasters. Protecting the safety,<br />
confidentiality, integrity and availability<br />
of these assets is essential to maintaining<br />
profitability, compliance, public<br />
image and a competitive edge.<br />
The increasing digitization of everyday<br />
life and stronger measures for protecting<br />
sensitive corporate data has<br />
generated an enormous demand for<br />
Information Security solutions and<br />
services. “The market for security<br />
technologies overall has grown. Use of<br />
new material and security mechanisms,<br />
as well as development of<br />
innovative application<br />
scenarios for modern<br />
high-security technologies,<br />
must guarantee<br />
improved protection,” says<br />
Ulrich Hamann, CEO of<br />
Bundesdruckerei GmbH, in<br />
assessing Information Security growth.<br />
Demand for adequate protection of the<br />
IT Infrastructure has increased tremendously<br />
at <strong>Siemens</strong> <strong>Pakistan</strong>. This is a<br />
result, in part, of Corporate Information<br />
Technology’s continuous awareness of<br />
40 <strong>Siemens</strong> <strong>Ki</strong> <strong>Dunya</strong> | August 2009<br />
the risks of unwanted intrusions, data<br />
manipulation and<br />
distribution of malicious<br />
software. The implementation<br />
and compliance<br />
of Information<br />
Security rules will be<br />
successful when all<br />
persons are acquainted with the<br />
required measures. Hence, developing a<br />
Security Awareness Program has been<br />
constructive in effectively implementing<br />
the measures needed to keep your data<br />
safe and secure. Information Security<br />
Awareness provides the greatest return<br />
on investment and has had the greatest<br />
positive impact on <strong>Siemens</strong>.<br />
Be Aware, Be Secure<br />
The motto of our campaign is “Be<br />
Aware, Be Secure.” The aim is to raise<br />
employees’ awareness<br />
and change their habits.<br />
After all, how effective<br />
can measures such as<br />
building security,<br />
encryption programs and<br />
firewalls be, if employees<br />
are not conscious of<br />
Information Security in all that they do.<br />
Information Security is considered to be<br />
of supreme importance.<br />
To ensure the highest level of data<br />
security, as well as seamless operations<br />
at <strong>Siemens</strong>, Corporate Information<br />
Technology is effectively educating the<br />
users to equip them with the required<br />
Information Security knowledge in order<br />
to make Information Security successful<br />
throughout the company.<br />
Information Security Awareness<br />
program leverages a vast store of<br />
content and training delivery methods<br />
to provide users with an unparalleled<br />
security awareness program. The<br />
program comprises of the following<br />
components:<br />
Training Material<br />
� Instructor led Information Security<br />
Awareness training sessions.<br />
� Information Security Forum –<br />
Interactive, self-paced, web-based<br />
training.<br />
� Customized awareness collateral<br />
including posters, flyers, brochures,<br />
etc.<br />
� Information Security Videos.<br />
� Information Security Manual/ Guide<br />
lines.<br />
Training Sessions<br />
There is no better method of security<br />
awareness knowledge transfer than an<br />
Instructor-led Information Security<br />
Awareness Session. With attention<br />
grabbing topics such as phishing scams,<br />
email security, Corporate Information<br />
Technology ensures that<br />
our instructors have the<br />
best content and course<br />
to present.<br />
Couple this with videos of<br />
real-world threats and<br />
vulnerabilities; Information<br />
Security training<br />
sessions are able to provide users with<br />
vital information about concrete<br />
remediation steps.<br />
Information Security Forum<br />
Corporate Information Technology is<br />
developing a proprietary<br />
web-based<br />
learning portal for<br />
users that prefer a<br />
Web-based Training<br />
for Information<br />
Security Awareness. The content of the<br />
forum will be customized to show<br />
Information Security issues. This method<br />
of delivery would leverage significant<br />
cost savings, and allow users to train at<br />
their own convenience.<br />
Information Security Website<br />
Corporate Information Technology<br />
maintains a comprehensive webpage on<br />
Information Security. The content of the<br />
website comprises of the following:<br />
� Policies and Guidelines to protect<br />
you from internal and external<br />
threats<br />
� IS Training material such as selftraining<br />
programs<br />
� Checklists to ensure that you are<br />
following the program correctly<br />
� Videos of real-world threats<br />
� Presentations<br />
� Handouts/ Flyers, and<br />
� Latest News<br />
In future, we will be developing an<br />
online Information Security incident<br />
reporting portal, which will also be<br />
available on the website.<br />
Your Local IS Rules<br />
The protection of sensitive information<br />
is important and all employees are<br />
required to give it due importance. By<br />
protecting yourself and the systems<br />
entrusted to you,<br />
you are protecting your co-workers,<br />
<strong>Siemens</strong> network and data and,<br />
ultimately,<br />
the customers who are depending on<br />
you. With the<br />
increasing volume<br />
and complexity of<br />
cyber security<br />
threats, we must be<br />
aware of how to<br />
protect ourselves and the information in<br />
our care. There might be several<br />
situations in which we put our knowledge<br />
at risk. It is essential to be aware of<br />
these risks and to avoid them as far as<br />
possible.<br />
Dangerous Situation<br />
One of the fastest ways to compromise<br />
a system is to simply<br />
walk up to an<br />
unattended<br />
workstation and<br />
access the system.<br />
E-mail access,<br />
confidential records and personal files<br />
can be easily compromised. Users<br />
should remain cautious and must lock<br />
their workstations or shut down<br />
completely to avoid misuse of their<br />
systems.<br />
Email Caution<br />
E-mail messaging is a wonderful tool<br />
but it can be used in a number of ways.<br />
Phishing, for example, is a fraudulent<br />
attempt made through E-mail, to steal<br />
your personal information. Employees<br />
must ignore such emails – otherwise<br />
they will lose vital information stored on<br />
their hard disks. Employees using Corina<br />
Remote Access Solution, or whose PCs<br />
are not linked to the Corporate Intranet<br />
have to take added precaution.<br />
Computer viruses – What can you<br />
do?<br />
Your system can be exposed to spyware,<br />
viruses or a Trojan<br />
horse sometimes<br />
just by clicking on a<br />
link and visiting a<br />
malicious site. Our<br />
department works<br />
to ensure that<br />
<strong>Siemens</strong>’ virus<br />
protection programs are up-to-date.<br />
Every two to three days the entire<br />
intranet automatically updates itself<br />
with virus protection applications. In<br />
case of concern about such a threat,<br />
contact Corporate Information Technology<br />
immediately on Ext: 2073.<br />
Making your contribution to<br />
Information Security<br />
Awareness is crucial to avoid risks. Just<br />
by being aware of<br />
security issues at<br />
your workplace<br />
you can make an<br />
immense contribution<br />
towards<br />
Information Security.<br />
By<br />
Natasha Beg<br />
CIT<br />
<strong>Siemens</strong> <strong>Ki</strong> <strong>Dunya</strong> | August 2009<br />
41