Reactive or proactive security measures for your business: are you in your comfort zone?
Posted on Fri, Mar 19, 2010 @ 05:08 PM
Despite obvious consequences, many mid-sized companies are cutting back on security in order to weather the economic downturn. How can you be sure you have adequate coverage for your company?
According to a McAfee survey, seven out of ten mid-sized business believe that a data breach could put them out of business. That is a startling 70%! Yet, we see more companies slimming down their IT and security budgets in light of monetary strains.
The truth is… while you may spend less in reoccurring monthly charges, your company may be crippled by the costs of emergency repairs in the instance of a security breach. Darrell Rodenbaugh from McAfee shared his insight explaining a terrible trend afoot;
"An organization’s level of worry and awareness about increasing threats has not overcome the downward pressure on budgets and resources… But this creates a vicious cycle of breach and repair that costs far more than prevention"
Do you have an expert at your fingertips? The biggest question is if someone in your office is capable of deploying, configuring, managing, updating, and supporting a system with multiple lines of security for your organization. Remember, there are five key areas to consider when reviewing a security solution: end points, network security, e-mail, Internet, and data security. So, how can you determine the acceptable level of risk with regard to security for your organization? Take a look at these topics to review when evaluating your security needs.
A reactive or proactive stance.
Should you wait until a threat emerges and then concentrate on protecting your company against those threats? No! That’s like shopping for one meal at a time at the grocery store. Why wait until you’re hungry to go shopping? Take a proactive approach to assess threats, determine vulnerabilities, and analyze the risks to your company in terms you can use. For example, the likelihood or impact of an infection or compromise
. These quantitative results will help you measure the level of risk you are willing to carry with regard to security.
Policies to protect your company. While you may be confident in your staff and their ability to avoid infections, many dangers lurk in unsuspecting places online. According to RSA, the number of attacks via social networks at the end of 2008 totaled roughly 100,000 incidents. Promote a company policy restricting social networking and personal e-mailing at work in order to protect your organization from disaster. Unfortunately, all the preventative programs and policies in the world won’t do a bit of good if there is no training, tracking, or enforcement to keep your company safe. So, be sure to follow up with your security plan.
The purpose and scope of your
security plan. If you want to protect your business from costly interruptions, create a plan. Of course, the obvious purpose is to protect your company data, but think about the five vectors mentioned earlier; end points, network security, e-mail, Internet, and data
security. Which is a higher priority for you? Build a plan that focuses on your most valued or vulnerable areas, but be sure your scope is all inclusive. Overlooking any one of these five areas may be detrimental to your company’s progress. For example, compliance is a huge driver for security considerations in many industries today. Regulations may require you to keep documentation for a number of years and protect those documents from prying eyes. Make sure your plan protects your customers data, your employees, and you.
Don’t let security get bumped off your radar! If you have any questions about the topics in this article, take immediate action to protect your organization today by picking up the phone and calling Technology Management Solutions. We will work with you to conduct a thorough assessment of your network and pinpoint any exposure or risk to potential lapses in security, data backup, power outages, and system downtime.
Don’t worry, we won’t tie you down to one set of security measures. We understand that every business is a different. Our goal is to find the best solution to fit your organization and protect your most prized possession, your business