E‐enterprise security management life cycle

One of the purposes of this paper is to discuss special security concerns and new challenges at front‐end e‐business and back‐end supply chain operations. An e‐enterprise security management life cycle (eSMLC) is then proposed to ensure the unification and congruity of e‐enterprise security management.

To demonstrate the practicality of the eSMLC, a case study is presented to depict the application and implementation of the methodology at a leading US heating, ventilating, and air‐conditioning manufacturing company.

The case study substantiates that the eSMLC methodology can be employed as a unified mechanism to provide central, cohesive control and global visibility. It helps security professionals in the company develop practical steps and sustainable solutions for tackling the unique security challenges arising in an open, unbounded e‐enterprise environment.

Implementing eSMLC can help the security specialists focus on different critical security management jobs in a sequential but interrelated and logical manner. Through the use of eSMLC, in‐depth understanding of the potential environmental risks can be properly acquired. The methodology also helps managers perform a proactive analysis of the consequences of security breaches in relation to risks.

The proposed eSMLC methodology provides a viable foundation for building a secure and manageable computing environment using a recommended set of solutions, processes, procedures, and technologies. eSMLC methodology renders a unified, structured framework which helps develop an actual security plan and solutions and/or improve currently used security standards, practices, and configurations in response to special security requirements and long‐term e‐business needs.