How far would you go to save a million dollars? Would you spend three million in the process? It seems like a ridiculous proposition from a monetary standpoint, but Dave Kearns explains why it might not be a bad idea.
Risk management weighs the monetary losses against the long-term losses that the company could suffer, such as loss of reputation. To begin the weighing process, Anderson suggests evaluating risk based on four categories.
- Authentication valid, connection safe, access allowed.
- Authentication questionable, further authentication asked for.
- Authentication valid, connection questionable, authorization level reduced.
- Authentication is questionable, connection questionable, access denied.
As you can see, there are three basic variables to consider in risk management: authentication, connection, and access. But the actual implications of the risk stretch much further than that. Maybe you wouldn’t spend $3 million to save $1 million, but you might spend $3 to save the reputation of your company. The long-term worth of risk management stretches much further than the bank account.