Developing corporate information security – Post series starts

This starts a post series that helps corporates to systematically improve their information security. This series is intended mainly for small and medium enterprizes (SMEs). We are following an imagenary case example of  SME called DeepWhite Software.

Case example is from IT field, but instructions in following posts can be easily adapted to other information centric industries.

Case DeepWhite Software

Case example DeepWhite Software (later DeepWhite) is a small size company that is providing software development services mainly for large local companies. DeepWhite is specialized in developing custom web applications.

DeepWhite facts and figures:

  • Founded two years ago
  • Privately held
  • 5.1 milloin euro revenue
  • 31 employees

Even DeepWhite is mainly providing software development services, it has some own intellectual property (IP). DeepWhite has developed own utility libarary that speeds up development of web applications and gives competitive advantage during the bidding phase.

The organisation structure is flat and there is CEO and few managers that has own responsibility area. The company has three technical sales persons that are handling both the new customers and traditional account management. Big part of the sales comes from old customers that are developing new applications and improving old ones.

Development teams are formed for each customer case and development is mainly done in customer premises.

The whole company started as a one development project for the biggest customer. DeepWhite has grown rapidly and main focus has been on customer cases and deliveries.

During the customer projects teams have identified one product initiative that could be next B2B hit. The company is now setting up an own product development and set up team of five for product realization.

So far it has been all about customer cases, but now company has grown and management sees that there is a clear need for improvement in the information security practices.

We are ready to move into Step 1: Commitment.

Posted on November 10, 2013, in Corporate security. Bookmark the permalink. 1 Comment.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: