Hire A Security Guru

An interesting article, called “Security: Under Lock & Key”, appeared today on Processor.com:

For most enterprises, security is best defined as a process, not a product. Although firewalls and monitoring software have their place, they’re only part of an overall security strategy that is likely to have many components.

In creating a more comprehensive security strategy, many SMEs bring in vendors and consultants who can address different tools and tactics. In choosing a candidate to walk IT through a proposed strategy, a company shouldn’t look only for technical expertise.

“A consultant should be able to talk in business terms, not just technology terms,” says Russell Morgan, president of the Information Technology Solution Providers Alliance. The consultant should be able to chat about return on investment, key metrics, and long-term goals, Morgan notes. Putting security information within the context of the rest of the business plan will also boost buy-in from other departments.

Although SMEs often have budget restrictions when it comes to hiring, some analysts have noted that the cost of hiring an experienced security expert outweighs both the financial impact of a security breach and the expense of trying to implement security measures using an overtaxed staff.

“A really good security chief doesn’t just track down problems,” says John Challenger, CEO of outplacement firm Challenger, Gray & Christmas. “He or she keeps on top of what is a constantly changing field… Designating one person to handle security will also free up considerable time for other staff members.”

As frustrating as constant security upkeep might be, it’s time to recognize that the IT department will be in it for the long haul. Part of being realistic is understanding that security will need a healthy chunk of the budget.

“Many SMEs have technology apprehension, especially around security,” says Yankee Group analyst Steve Hilton. “It feels like a monumental headache. But if they accept that it’s a vital part of the job, sometimes it seems easier.”

This blog is run by the authors of FindProtected.
FindProtected is an effective security program that allows you to search your network for password protected files. With FindProtected, you can properly identify protected files and relocate them if necessary.

Leave a Reply