Productivity and Security- Can you ever have both?

Input from various stakeholders ensures you’ve thought of everything before taking an idea to the top-level decision makers.

3. Negotiate: Consider creating an executive security steering committee. During regular meetings, this team should be updated on where the company currently is security-wise, and discuss security concerns that need to be addressed at the executive level. Sometimes you’re faced with a higher level of risk than you’re used to, and you may get push back from folks who are unwilling to take that leap of faith. If your working team has already discussed the pros and cons and concluded that it’s worth the risk, your executive team has the input they need from across the company to make an informed decision. This team should meet quarterly but may be needed in the meantime if a security need arises. Above all, it is key that this team understand that security is not simply an IT concern–it is an enterprise concern with company-wide implications.

“The right combination of technology, intelligence and expertise can go a long way to protect your company’s network while keeping your company’s doors open for business”

Lock the Doors

While it may sound dramatic, an organisation needs to secure the perimeter before anything else. How secure are your firewalls? When is the last time you updated your anti-virus protection? Regardless of your answer, you probably aren’t doing enough to keep your company secure. Cyber attacks easily bypass traditional signature-based tools, which means you need a security platform that not only works to prevent a breach, but also detects possible attacks and helps you analyze and if necessary, responds.

The Cloud and mobile devices are hot targets for hackers looking for a way in. The last thing you need is for an employee to potentially bring something into your environment by plugging in their mobile device into your secure network. The bad guys may already be targeting you from outside–don’t make their job easier by having one of your own inadvertently being the malware messenger. Does that mean you shouldn’t adopt a BYOD mentality? Not necessarily. Mobile access is the key to many business needs and can help your employees stay productive. It simply means you need to make sure you’re as protected as possible.

And if your system gets compromised, you’ll need tools to respond and contain the breach and mitigate loss. These types of tools take time to implement, and your working committee and executive steering committee should discuss these as soon as possible to they’re prepared for the worst. The right combination of technology, intelligence, and expertise can go a long way to managing a compromised network and keeping your company’s doors open.

Decisions

Business needs change over time. When you’ve got to decide whether how to meet your changing needs, the decision ultimately comes down to a tradeoff between productivity and security. Things to keep in mind at this stage are the potential business impact, the impact on productivity, whether it will help drive the business or deliver service to a customer. These factors must be taken into account when determining whether to undertake a move that may carry additional risk.

Other concerns: How important is this change to the company? Is it impeding the business’ operations to keep the status quo? Will this change open your company up to potential data leakage or privacy concerns?

The bottom line is: you can have a balance between productivity and security. Keeping your company (and your customers) secure cannot mean total lockdown, because no one can do their work. Find a level of risk you’re comfortable with, take the necessary steps to protect yourself as best you can, and have a plan in place to contain a breach in the event it happens. And know that you’ve done everything you can to eliminate one four-letter word from your vocabulary, or at least, to tame it.