Developing corporate information security – Post series starts
This starts a post series that helps corporates to systematically improve their information security. This series is intended mainly for small and medium enterprizes (SMEs). We are following an imagenary case example of SME called DeepWhite Software.
Case example is from IT field, but instructions in following posts can be easily adapted to other information centric industries.
Case DeepWhite Software
Case example DeepWhite Software (later DeepWhite) is a small size company that is providing software development services mainly for large local companies. DeepWhite is specialized in developing custom web applications.
DeepWhite facts and figures:
- Founded two years ago
- Privately held
- 5.1 milloin euro revenue
- 31 employees
Even DeepWhite is mainly providing software development services, it has some own intellectual property (IP). DeepWhite has developed own utility libarary that speeds up development of web applications and gives competitive advantage during the bidding phase.
The organisation structure is flat and there is CEO and few managers that has own responsibility area. The company has three technical sales persons that are handling both the new customers and traditional account management. Big part of the sales comes from old customers that are developing new applications and improving old ones.
Development teams are formed for each customer case and development is mainly done in customer premises.
The whole company started as a one development project for the biggest customer. DeepWhite has grown rapidly and main focus has been on customer cases and deliveries.
During the customer projects teams have identified one product initiative that could be next B2B hit. The company is now setting up an own product development and set up team of five for product realization.
So far it has been all about customer cases, but now company has grown and management sees that there is a clear need for improvement in the information security practices.
We are ready to move into Step 1: Commitment.