A data breach is on par with the most damaging things that could happen to an organization. The thought of being the next company to make headlines keeps IT leaders up at night. As threats become increasingly widespread, sophisticated and dangerous, you should be developing security strategies that protect your environment.
Depending on your industry, you may have additional compliance requirements to take into consideration as well. These requirements require staffing, monitoring and budget. They can be overwhelming for a team that is inexperienced or already stretched too thin. IT security can be a deep and sometimes overwhelming topic. Here’s some quick-hitter questions to “baseline” your current environment, security strategy and, if applicable, compliance.
Current Environment – These questions can help reveal how prepared you are to defend against web-based threats.
- Are you ensuring prompt updates with firewall devices?
- Do you currently utilize cloud security applications?
- Does your company use a public or private network?
- How do you protect the data you transmit between locations and with your vendors/clients?
- How do your remote employees get access to your corporate resources?
- How are you keeping your customers’ data secure?
Security Strategy – Don’t forget the big picture. You likely employ a variety of strategies to secure your environments, all of which require you to manage risk tolerance, cost, internal resources and a variety of other factors. Ask yourself these broad questions to “leak check” your strategy.
- What is your current e-mail security strategy?
- What is your current web security strategy?
- Is your company performing on-going security testing?
- What kind of growth do you expect over the next 12-18 months?
Compliance Regulations – Compliance is feast or famine. Either you have to deal with compliance or you don’t. If you do, it can hang over your head with a constant cycle of audits and reports. Here’s some straight forward questions for compliance documentation.
- What compliance or regulation issues does your company face?
- What specific industry regulation governs your company/industry? (i.e. HIPAA, GLBA, Sarbanes-Oxley?)
- What compliance initiatives (i.e. SOX, HIPAA, PCI, etc.), if any, are occupying resources and/or budgets?
Asking these questions will help you “baseline” and uncover specific needs. ATC can help you walk this path to determine your desired future state and the appropriate network and security services to support your goals and objectives. Many of your peers are embracing managed security solutions such as this from ATC provider, Nitel.