Naturally, a couple of side benefits include having more satisfied customers and happier and more productive employees.
Technology may play a valuable, even essential role in IT security. However the route to security is first to go through your business activities and second to go through the people who use your IT.
Those who miss these simple facts typically go on to make the following mistakes:
1. Lack of Employee Information Security Awareness
Today’s IT big-brand security software and hardware solutions are generally robust and reliable. Hackers know that. They simply go around them.
Using social engineering, they’ll phone up pretending to be vendor technical support and ask to ‘run a test.’ They’ll eavesdrop on coffee-shop conversations. They’ll send targeted phishing emails to get hold of user credentials that let them work their way into your systems.
Employees that don’t know what to watch out for or how to behave will make things easy for IT hackers.
2. Not Knowing What is Critical to Your Business
Some of your information is more valuable than other information. At a minimum, pick out the critical data that must be protected at all costs (customer/reseller payment data, employee records, and company bank account information, for example).
Put that essential information into the best protected servers. If on the other hand, you mix key data with non-essential files on different machines, your security could be patchy or possibly non-existent where you need it most.
3. Poor Enforcement of Security Policies
Suppose you instruct your IT team to install anti-virus software on employees’ PCs, use an automated password reset system, and keep servers and apps correctly patched. If these policies are not monitored and enforced, expect some or all of the following:
- Users think they know better and turn off the anti-virus software ‘because it slows down their PC.’
- Passwords are written on note paper and stuck to screens and keyboards, so that people don’t have to remember them or answer security questions if they forget them.
- Servers and applications drift out of sync with the latest upgrades as the IT team reverts to being interruption-driven instead of working on strategies and policies.
4. Failure to React to Alerts
There is one overriding truth about attacks made on IT systems. One way or another, they generate abnormal behavior.
Whether it’s somebody trying to log in far too many times per hour, your servers calling out to strange network addresses, or data being stockpiled in unexpected places, attacks leave traces.
Technology can help you identify those anomalies. But it takes people to sit up, take notice, and act to stop the attacks.
5. Leaving It All to the IT Department
Your IT team may be smart, competent, and dedicated. But it needs input from the rest of the company about business objectives.
Over-zealous application of IT security technology could restrict possibilities of customer service and end up hurting revenues. A business-technology balance has to be found that gives you the vital protection you need, while still letting your distribution or manufacturing company operate to its full potential.
Working with your IT department to plan for business and productivity needs first, and then towards the right choice and application of security technology is the way to go.
Which are the biggest IT security threats you face today? Share your thoughts and suggestions in the Comments box below.
And to follow-through on the tips introduced in this short article, be sure to download your free guide, How COOs at Los Angeles Distributors and Manufacturers Get More Done: A Guide to Productivity, Data, Staffing, Delegation, and Making It Home for Dinner Most Nights.