Protecting information in a changing world

HomeBlogsProtecting information in a changing world

Is technology getting harder rather than easier to use?

Technology is, without a doubt, becoming increasingly complex and fragmented. Cloud services are competing with in-house systems, staff are using their own devices for work purposes, and different business areas are spending their own budgets on technology without necessarily informing the IT manager.

Undoubted benefits come from adopting new technologies and working practices. Staff are more accessible, productivity increases and the business can become more agile. Alongside such advantages however, the downside can be that IT loses a level of control, potentially compromising security and making service levels harder to assure.

Knowing how to strike a balance between benefits and risks can be quite daunting. Some businesses try to prevent use of external services, restrict use of personal devices or add layers of budgetary control. Others find themselves heading in the other direction: being unable to adopt a manage-everything approach, the risk is ending up with a situation in which anything goes.

Most organisations lie somewhere in between, with IT managers attempting to keep existing technology going while expressing concern at non-jurisdictional IT activity. The concern is valid, not only given the potential for issues but also because it will undoubtedly be the IT department that carries the can if something goes wrong.

Organisations should respond by putting information first.

So, is there a better way?

Rather than trying to do everything, best practice suggests focusing on the core information assets at the heart of every business. Different information types require different levels of protection, depending on how important they are and the risks they face. For example:

  • A manufacturer’s discounted price list may be a simple spreadsheet, but its publication would be of major consequence.
  • Salary data, unaudited financial information or sales data all need to be kept to certain groups or individuals within the company.

Putting the information first helps the business decide whether information assets are important enough to require centralised management, protection and support – that’s what the IT department is for. By agreeing with the business who should have access to what, the IT Manager then gains a firm foundation to define how such assets need to be protected.

All sides stand to gain from this approach. The IT department can focus on delivering business-critical information in the best way, while business departments are better able to make decisions about device types or web site designs, without increasing business risk.

Of course this still suggests a shift from IT having exclusive control over technology – but this shift is happening, whether the IT manager likes it or not. Better to work with the change, than be left behind.

A blurred motion shot of a high-speed train moving through a tunnel - ALL design on this image is created from scratch by Yuri Arcurs'  team of professionals for this particular photo shoot

Colt Technology Services

20 November 2013

 

Recent blog posts

How secure is your network?

With the average cost of a data breach reaching $3.92 million, and DDoS attacks increasing by 967% this year alone, ...
Continue Reading

Gartner Symposium/ITxpo 2019

Join us at Gartner IT Symposium/Xpo Connecting the digital society Gartner Symposium 2019 Connecting the digital society Tech ...
Continue Reading

What is the Cloud? Your Guide to Cloud Computing

What is the "Cloud"? Your guide to cloud computing Introduction Benefits Cloud types Cloud services Connecting to the ...
Continue Reading