Pfizer has new technology that helps to access the system easily. They have a smart card consisting of proximity device so that as a person walks near a computer, there is a signal emitted by smart card which verifies you. There is use of pin number so that no one can use another persons card and pin number is used in other parts of the company such as making charges at cafeteria and accessing the building physically. When Pfizer is deploying information system, they take their time to cooperate with people who do business in order to know the risks involved in storing and transferring information.
They do not under protect information or overprotect it. Business can be impeded by overprotecting information which can make security be thrown out. They partner with information technology and business in order to protect business, offer quality products and services and make profit. (Betancourt, 2002 pp19-21). Describing policies and measures used by Pfizer to ensure confidentiality, availability and reliability of data and information Confidentiality of data is ensured through a system that employs cryptography such as public key and symmetric key in order to encrypt and decrypt information and data.
There is an entity that reads sensitive information and data and the key represents a secret property. To ensure availability of data and information Pfizer has prescription coverage to ensure access to its medicines that are new and widely prescribed. Through number 866 706 2400, there are live operators to guide patients according to their needs and the programs for public assistance according to medical needs and income. The reported outcome of patient’s measures determines how treatment of a disease affects patients.
For Pfizer to ensure personal data is secure, it uses data customary that protects electronic and manual processing. Security technology in online opportunity ensures securities that avoid loss of data, misuse of data, unauthorized disclosure, destruction and alteration of data. Steps taken to ensure data remain accessible in event of catastrophic event such as fire and other natural disaster Actions are taken to lower exposure to risk arising from hazard to safeguard development efforts. Developing systems for early warning helps in reducing risks and having capabilities to respond to catastrophic events.
Disaster recovery is used in recovering information in event of catastrophe. Disaster recovery planning is devoted to prepare for action to respond to catastrophic event. Assessment in disaster recovery is simulating catastrophic event and planning for disaster recovery in order to have recovery need that are specified. Plan for disaster recovery state duration the recovery should take and the state of data expected by the users and management need to be informed all the time of these specifications which are substantiate by recovery assessment.
Things I think Pfizer could do to further enhance information security There should be enough circulating space inside the organization so that staff can move around freely without use of lifts. Employees should avoid calling their colleagues using phones but instead use face to face communication about information concerning the organization and cellular office space should help to make communication easy. Government should take action to develop mechanisms for sharing information with private sector by engaging private sector actively in determining requirement of information and having a partnership that is based on trust. ( Parker, 1996 pp21-23).