IT Department risks in 2020

Today, more than ever before, IT Departments face risks from internal and external sources.

This means that companies need to protect themselves from the internal day to day silly mistakes staff make online while browsing or in Email as much as from external threats such as automated hacking AI bots all the way through to risk of commercial competition trying to get at your company IP.

Let’s address each of these,

1. Protecting your company from your own staff

Usage Training

Human beings are the weakest link when it comes to cyber security.

Viruses, malware and advanced techniques that use social engineering are all betting on one thing – that one of your users will be naïve or distracted enough to click on a link, provide information or inadvertently take an action that opens your organisation to attack.

No matter how much you invest in cyber security software and cyber security insurance, it may all be for nothing if you’re not promoting cyber awareness amongst your users.

It is easy to become complacent about security when a company installs an anti-virus and a firewall, however, this does not protect your network if your own staff have not been trained in correct IT usage.

It is therefore necessary to create an IT usage training policy that teaches and reminds your IT users how to circumnavigate the daily risks they and your network face when using IT.

Cyber security

 Anti-Virus

With an increased use of computer system across the world, there are many threats which are also increasing along with it resulting in risk of data security for individual and organisations.

Data is the most crucial and essential component of every organization, and no one would want to risk the confidential data to the viruses approaching the computer system.

Antivirus is recommended for every computer system to keep it secure from any unknown threats approaching your computer system from the internet, external drives, memory sticks, etc. and keeps your confidential data secured.

2. External threats / risks

A firewall must be installed which will aid in minimizing threats to your network

THE THREE DIFFERENT TYPES OF FIREWALLS

•             Packet Filters

Packet Filter Firewall controls the network access by analysing the outgoing and incoming packets. It lets a packet pass or block its way by comparing it with pre-established criteria like allowed IP addresses, packet type, port number, etc. Packet filtering technique is suitable for small networks but gets complex when implemented to larger networks.

•             Stateful Inspection

Stateful Packet Inspection (SPI), which is also sometimes called dynamic packet filtering, is a powerful firewall architecture which examines traffic streams from end to end. These smart and fast firewalls use an intelligent way to ward off the unauthorized traffic by analysing the packet headers and inspecting the state of the packets along with providing proxy services.

•             Proxy Server Firewalls

Also called the application level gateways, Proxy Server Firewalls are the most secured type of firewalls that effectively protect the network resources by filtering messages at the application layer. Proxy firewalls mask your IP address and limit traffic types.

However,

moving into 2020, an IP filter appliance is just not good enough to secure your business.

Additionally, you need to invest in DNS filtering solutions as well

These solutions ‘filter’ every bit of traffic into your network in an offsite cloud based safe environment first..

Top 6 DNS Security Software

  • Webroot DNS Protection
  • OpenDNS Umbrella
  • Open DNS Personal Internet Security
  • WebTitan Web Filter
  • DNSFilter
  • MXToolbox

3. In conclusion

An IT department can enjoy a reasonably low risk environment when there is a multiple managed policy around training staff on usage bundled with Antivirus software, Firewalls and DNS Protection services

If you would like more detail on how to manage your IT Department better and to avoid these risks -Just click here! https://switchedon.co.za/contact-us/

And follow us on LinkedIn – https://www.linkedin.com/company/switchedonit/

Author: –

David Green MD SwitchedOnIT

People Risks in a Digital World – Business alignment

It is the duty of an IT department manager to align the day2day and strategical decision making with their employers’ business needs and strategies and to run their department as lean as possible.

Therefore, every human resource involved in the department must be closely managed against these two KPI’s – cost saving & business alignment

These important prerequisites are at risk in companies that do not appropriately train or manage their IT staff and most often the individual roles set do not align with the overall business strategy;

This is a risk faced by many enterprise organisations.

Lack of documentation should be a criminal offence

Additional risks faced by medium to large sized organisations are around a prevalent culture of job-hopping and emigration – currently any larger salary or status upgrade offer will do, and this leaves the company with open gaps and lost institutional knowledge.

Documentation is not addressed as a policy and is generally non-existent.

When someone leaves the IT Department, the IT knowledge is lost forever, and it will take months to rebuild this with a new resource;

And then the cycle repeats itself with new replacement hires..

SmartSourcing

Outsourcing this risk to a company that specializes in Incubating, Supplying and then Managing strong IT support staff and Professional IT Managers into IT Departments ensures that organisations IT Department align with overall Business Strategy while protecting IP through ongoing management.

Automating the day2day

Hiring people for support functions doesn’t make sense when 80% of the day2day can be automated.

Rather use your IT staff to deliver on projects that add value to business!

With today’s technology always being “on” and very secure in a cloud-based environment, is it necessary to employ people to do automated work?

A great alternative is to employ an outsourced service provider that has experience around using automated cloud-based tools to deliver the same or even better results than human resource solutions. Areas such as security risk patching, moving reactive computer maintenance to proactive maintenance, automated self-checking and self-healing backup systems, automating hardware audits and automating reports for the business will free up your IT staff to get projects done!

The South African skill gap
Enterprise Information Managers need on-going assistance with acquiring, incubating and managing technical talent and managers.

How to combat this problem

It is common practice to outsource non-core business functions to companies that specialize in those specific verticals and hold them accountable against KPIs while you focus on business.

Partner with a reputable IT outsourcing company that specializes in:
A) Incubating, Supplying and Managing on your behalf IT support staff and IT managers
B) Delivering tools that will free up your IT staff to deliver on projects

What to look out for in a potential outsourcing partner for cost saving & business alignment

  • Long and successful track record of engagement with peer companies to yours
  • Case studies from other projects
  • Experience working in your industry
  • They listen to your needs and try to understand your company to find a solution that will holistically meet your specific needs.
  • The M.D is personally engaged in your business success

Introspection time:

Do you foresee any risks in your organisation by not having every IT staff members daily tasks documented?

Do you own your IP, or will you lose Institutional Knowledge if someone leaves?

– David Green, Managing Director, SwitchedOnIT

If you’re experiencing People Risks in a Digital World contact SwitchedOnIT -Just click here!
https://switchedon.co.za/contact-us/
And follow us on LinkedIn – https://www.linkedin.com/company/switchedonit/