How Trust Works
The Amex example offers several insights for enterprises operating in a networked world:
- • Being "networked" is a communal choice, one in which the degree to which operations are secure and sensitive data is protected is defined by the capability of the least secure player.
- • Trust among interdependent partners is as important to the providers of products and services as it is to the recipients.
- • Access to the network must be as near to instantaneous as practical or users will find alternatives. They may wait patiently for access for a few milliseconds, but certainly not for a minute or more.
- • Human assistance is vital. There will always be the need to deal with exceptions that exceed the logical capability of computers. Therefore, a company must ensure that a human being, armed with as much supporting information as possible, is available to deal with non-standard transactions. In this way, users can feel they have received the best possible resolution of their needs.
- • Securing the network and the information it transports requires an end-to-end design that encompasses all elements of the transaction process, not a collection of bolted-on technologies and techniques added periodically in response to isolated incidents.
A trust-based business model is also a natural extension of enterprises' commitment to compliance with Sarbanes-Oxley (SOX) regulations and the transparency that results. Moving to a trust-based model builds upon and expands the scope of SOX from its nearly singular focus on financial controls to an emphasis on the end-to-end operational value chain and all of the embedded processes and techniques designed to secure it. Importantly, thinking about trust in conjunction with SOX brings the CEO and the board into the equation — better ensuring their active engagement in setting critical strategies and policies.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.