Staying safe if your IT security budget gets cut

The  facts are this: IT isn't safe from budget cuts – but that doesn't mean that the risks and dangers that existed when you had a full team are likewise going to be cut in half. Are you prepared to do more with less? Have you considered how to handle a full compliment of IT risks when you have less than a full compliment of IT staff? This post by Chris Stoneff focuses on how small to mid sized organizations can maintain a high level of security for their organization. His high level tips include:

  • Make sure users are doing upgrades regularly
  • educate users
  • make IT and the help desk paranoid about the network
  • manage passwords more effectively

Each of these high level tips is broken down to provide actionable items. Take for example the education of users – something that can not only cut down on help desk calls and expenses, but also create a front line force to help secure the company's technology: 3. Educating users about:

  • Opening email from hostile entities. Cover phishing, spear phishing, attachments, etc.
  • Social engineering – so that access is not granted to those with a silver tongue
  • Going to “interesting web sites” and downloading “fun” content that’s actually hostile malware
  • Bringing in their own USB sticks or phones, and inserting these devices into their machines and potentially infecting the network
  • Letting other people, such as family members, use company notebooks at home to surf the web or access email
  • Key loggers – what they are, why they’re a threat, etc.

IT not getting it's regular, expected budget doesn't mean that it needs to sacrifice good security practices. A cut budget, while not the preferred situation, can lead to an expansion of innovation, user involvement, and optimization.  

Show More

Leave a Reply


We use cookies on our website

We use cookies to give you the best user experience. Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.