Selling Your Management on Better Computer Security

Security is everybody’s concern. Everybody who connects to a non-secure network is vulnerable. If you’re having trouble convincing your management to take security as seriously as you do, this quick guide can help. This checklist covers the most common reasons that businesses skip over crucial network security essentials so you can address each obstacle or objection in turn.

Bringing Everyday Risks to Light

Common misperception: “There is nothing on the server worth stealing.” The truth is that the average business server contains more than just sales records and timesheets – every business handles the private information of customers, contractors, and employees. Thieves make good money buying and selling bank information, social security numbers, contact information of all sorts, and especially lead lists.

Besides, the information management might think is worthless still has value to the business. Sometimes network intruders use a “slash and burn” method that simply destroys valuable data instead of simply stealing it. A grudge, or even a simple mistake, can result in years of lost data.

From Theory to Practical Examples

It’s difficult to fight an invisible enemy. The more management understands about the nature of deliberate and automated attacks, the better they’ll be able to understand the need for implementing a more secure network policy. Before you pitch your ideas, check out the following list of questions management will want to see answered: use practical examples from everyday business operations.

– What kind of information are thieves looking for?
– How do thieves and automated attacks sniff out their targets in the first place?
– How does a thief gain access to sensitive business data?
– Who is responsible for a data breach?
– What are the legal ramifications?
– How much would damage control cost in the best-case scenario?
– How much would it cost to implement effective security solutions?
– How much will it cost to scale these solutions to match the growth of the business?

You’ll be able to come up with more helpful question prompts as you continue putting together your presentation. A successful plea for better IT security means making it personal: your data is at risk, the customer’s data is at risk, even the management’s data is at risk. Frame your answers around their needs as well as your own.

Righting a False Sense of Security

Computer contractors and service providers often do their best to provide the most secure services possible. Application-level security is definitely important, but it doesn’t add up to anything resembling “real” network security.

The cloud company that handles your timesheets might be secure, but what about the Internet browser employees use to access them? Employees might use a secure VPN, but what about the security of the workstations they use to access it? Imagine going through the effort of securing a business network by hand – and then realizing that all the backups went straight to an unsecured machine, vulnerable to even the most basic automated attack.

It’s easy to grow complacent about security when every service touts their offerings as the most secure and dependable. Insist on a comprehensive security audit to pinpoint information that becomes vulnerable when transmitted to or from an unsecured source.

Creating a Thorough Implementation Plan

Sometimes the biggest thing preventing management from adopting a better computer security plan is simply the inability to visualize an affordable, scalable, and easy-to-implement solution. In fact, there are not many such solutions available – perhaps begin with something as simple as an audit to determine risk, protect the assets that come with the most risk, limit access privileges, and start thinking forward toward implementing more secure solutions from the ground up.

Start with the small things: operating system updates are essential for security, but many small business networks still rely on the native update prompt (often promptly ignored or postponed if it pops up in the middle of the workday). On the other hand, Batch Patch IS the ultimate windows update tool and allows for safe overnight scheduling. It’s easy to sell the management on the idea of fewer interruptions and better system stability, and the added security is just a nice bonus.

Are you having trouble getting management to accept suggestions from outside their pool of favored software vendors? Licenses for enterprise grade software are often prohibitively expensive, and management knows it. Offer better suggestions from companies that provide better prices and service.

Stay passionate about security. Businesses small and large need to pay attention to security concerns coming from employees at every level – as long as you can present your case clearly and with real-world solutions, you don’t even have to be an expert to convince management to take a step in the right direction.

Thank You for reading my article… I’ve been writing tech and software related articles for various blogs for 2 years. You can download the evaluation version of the Batch Patch tool mentioned above and give it a try yourself. I highly recommend it.

Comments are closed.