Posted on 25, March 2014
in Category bsg insight
This post looks at the perspective of availability – defined for this purpose as “concerns unwanted withholding of information”. Availability is simply the ability to get what you want from the system when you need it. There should not be any barriers outside of the checks and balances that manage the other security perspectives in the CIADA model. Given that Excel is a fairly robust and prevalent industry application, there are not many software ‘features’ that may deliberately or inadvertently withhold information from its own users; though a side thought would caution against passwords only known by one person which [&hellip
Read More
Posted on 17, March 2014
in Category bsg insight
Integrity This post looks at the perspective of integrity – defined for this purpose as “concerning the unwanted modification of data.” Modifying the data in a sensitive data set is a huge risk. Potential ruinous of the result in its entirety and in the context of a decision support system – it is the kind of thing that people lose jobs, homes and businesses over. Shockingly, people may even want to do this for selfish and malevolent reasons… and in an Excel world they can do this without a trace (almost – which is a thought for another post). The [&hellip
Read More
Posted on 10, March 2014
in Category practitioner experience
Confidentiality For the sake of this post, I’ll define confidentiality as “concerns regarding the unwanted disclosure of information.” Confidentiality is complex as it is both role-driven and time-driven, i.e. sensitive data may only be applicable to me in my current role and for a specific timeframe after which it may become stale and elicit invalid results. Without deploying additional layers (e.g. using the file system layer to assign access via login to specific roles) neither angle is covered by Excel (or any Office-style application). Access is blanket applied – you are in or out of the loop. Hidden sheets help, [&hellip
Read More
Posted on 17, June 2013
in Category bsg insight, practitioner experience, tools and techniques
by Michael Railton Challenges are just opportunities to think differently Offshoring has its horror stories. Many of them resulting from putting the desire to drive cost down ahead of the desire to deliver against business benefit. Throwing specs “over the fence” may be cheap, but there is often significant business upheaval in the wake of a poorly built software system. The cost of correction (in the software) and disruption (in the business) is often significantly greater than would’ve been incurred had a smarter approach to working as a team been pursued from the outset. Effective collaboration within distributed development teams is [&hellip
Read More