Boring’s Not So Boring
Top Reasons to Justify Ignoring Your IT Security
Securing your corporate infrastructure can feel overwhelming. But, the good news is that many of these vulnerabilities can be avoided by implementing simple security measures to protect confidential information. Perhaps some of the following reasons for not investing in IT security will sound familiar.
Reason No. 1: I don’t know where to start.
Security or any large project can be daunting. This often stalls the start of the project, but with something as important as your IT security, don’t become a statistic. The cost of a single data breach averages $136 per record compromised and $5.4 million overall in the U.S., which includes regulatory fines, reputation damage and the cost of closing the security gap.
IT security in this day and age is as important as locking the doors on your car as you walk away. It is a line of defense against unwanted intrusion. To determine vulnerabilities in your IT environment, you should first evaluate your existing technology. Technology includes all devices that access the network on a regular basis and devices used by office visitors — go beyond PCs to look at printers, mobile devices and videoconferencing systems. Once you have clear line-of-sight into what is protected and what is not, you can develop a comprehensive security strategy that includes key areas of the technology infrastructure.
Taking the first step is always the hardest. If it feels like it’s too much for you to tackle on your own, there are experts that can walk you through the process of creating a security strategy that is tailored to meet your company’s needs. Not only can they tell you how and when to implement your strategy, they can also help you prioritize your security needs.
Reason No. 2: My PC and network are already secure.
With the influx of new devices in the office, IT departments have to be vigilant when it comes to securing their IT environment. This includes staying up-to-date on new security protocols and strategies for existing technology. Most companies today focus their security efforts around the network and endpoints like servers and PCs. However, 90 percent of enterprises have suffered at least one data loss through unsecured printing. Many companies fail to implement security measures on the other technologies in their office that are connected to the Internet, like printers and mobile devices. The reality is, if left unsecured, these devices can be threats to an organization.
Have you considered securing the printers that sit on your network? Most IT managers don’t. You may be surprised to learn that the most common printing security breach is the actual printed document that rests on your device’s output tray. We all print and forget, or accidently pick up someone else’s print job. This can cause personal information to be leaked, or stolen, unknowingly. An easy remedy to this common security faux pas is implementing a secure pull print solution. This will allow end users to send their print job from their PC to the cloud, where it is encrypted before being released by the user after they authenticate their identity directly at the device. This easy, two-step process protects the confidentiality of sensitive print jobs while reducing the amount of waste in the office. Worried about a long and complicated software installation process? Worry not, the industry’s newest pull print solution requires little to no installation and has a simplified setup process. And, some solutions, like HP JetAdvantage Pull Print are free so you don’t have to worry about an additional cost.
In addition to printers, mobile devices like smartphones and tablets can also get overlooked when it comes to security. As smartphone usage in the office continues to rise, so do concerns of unprotected data. Only 30 percent of organizations have effective rules and policies regarding the security of data on company-issued and personal mobile devices. Does your company have a mobile device strategy? Try implementing rules on device usage and security in the office to better secure the company’s information, both on the actual device and when it connects to the network. Take your strategy a step further by utilizing an advisory service that will help you define your Bring Your Own Device (BYOD) and Choose Your Own Device (CYOD) security policies.
Reason No. 3: I don’t have the budget to hire dedicated IT security staff.
According to Tech Pro Research, 36 percent of companies list an insufficient security budget as one of their biggest security challenges. Whether you are a small business or an enterprise organization, you have an IT budget. Rather than viewing IT spending as an expense, consider it an investment into protecting your intellectual property for your business. Just as you invest a portion of your personal budget into a home security system, you should also invest a portion of your IT budget in securing your office technology. While it may seem like a small investment, your IT dollars will make a big impact, in addition to protecting you from information theft.
With the introduction of new security monitoring solutions, you can sleep soundly knowing that your printing fleet is being monitored around the clock. These programs have the ability to collect, analyze and correlate print device log events, proactively identifying and flagging risks before they occur. Now, you can stop a breach before it happens, in real-time. Think of it as your personal IT Secret Service team without the added expense of paying for actual manpower.
Don’t let titles and expertise prevent you from learning more about IT security and implementing change in your organization. If you are interested in evaluating your IT environment, you can utilize a free online tool to gain insight on just how secure your technology is. This will show how to not only keep data and devices secure, but it also helps to reduce costs.
In conclusion, when looking at your IT security, stay calm and take the first step. Don’t overlook technology like printers or mobile devices. And, don’t let budget stop you from getting started. Find a solution that provides a comprehensive approach to best fit your business needs.
Michael Howard is the Worldwide Security Practice Lead for Managed Services for HP’s Printing and Personal Systems Group. Visit www.hp.com for more information.
Source: http://workflowotg.com/index.php/2014-03-01-18-47-26/current-issue/261-top-reasons-for-ignoring-it-security-and-why-you-should-stop. This article originally appeared in the December 2014 issue of Workflow.