A new year means new challenges. Here’s what you should be concentrating on this year in an ever-changing fast paced IT world.
The New Year presents the perfect opportunity to strategize for the year ahead; but where do you start? 2017 was an unpredictable year for the IT industry, many organisations of different sizes faced unexpected challenges so you’d be excused for not knowing what to predict in 2018. If 2017 taught us anything it’s to prepare for the unexpected, from NHS data hacks and alike to the sudden announcement of GDPR implementation. Many lessons should have been learnt and it’s what 2017 has taught us that we really believe you should be concentrating on in your 2018 IT strategy.
Here’s the IT new years resolutions that the AAG IT team believe you should be concentrating on in 2018.
As the world becomes more connected each year, the security landscape becomes increasingly complex for organisations of all sizes. 2017 was an unprecedented year for data breaches and cyber attacks and the mainstream focussed on it like never before. Businesses can no longer afford to bury their heads in the sand and simply pray that an incident never happens to them. If the proper preventative methods are put into place before a cyber attack occurs it is likely that the damage will be significantly reduced. However, if you wait until an attack has happened, the damage can be catastrophic.
Our top tips to improve your security in 2018 are:
- Staff Education: Arguably the most important tip; prepare your staff with the correct level of education. How can you expect them to behave responsibly with valuable and sensitive data if their training is out of date or non-existent?
- Encryption is key: Encrypting your data is fundamental to achieving data security. This will ensure that you are protecting sensitive data and will help prevent data loss should theft or equipment loss occur. Encourage users to use long passwords. A password that contains a greater variety of characters such as numbers and symbols is even more secure.
- Always audit: An internal audit will enable your organisation to understand the effectiveness of your security controls. Performed correctly it should contribute to your protection, detection, crisis management/communications and any remaining continuous improvement required.
- Can the spam: Using a spam filter on your email servers is essential. An up to date and correctly configured spam filter will reduce the volume of spam your organisation receives and reduce the risk of potential threats.
- Patches aren’t just for pirates: Your organisation can fight back against hackers who exploit flaws by patching workstations and servers. Continuous reviews and patching as soon as they are released will give you the best chance.
- Removable media policy: Threat from the use of USB drives, external hard disks etc. are high. Introduce a removable media policy to restrict security breaches from potential unknown / non-trustworthy sources.
The commencement of the General Data Protection Regulation (GDPR) on the 25th of May will be an important milestone in 2018. It will mark the biggest shake-up to data protection since the Data Protection Act. GDPR will apply to every business regardless of size and will likely strike fear and panic in to many small to medium size businesses who are not prepared for it. The ramifications for not being GDPR compliant are quite unprecedented, companies will be fined up to 4% of their annual revenue. Ensuring that you are GDPR complaint will be an entire blog article of it’s own which we’ll cover in the near future but for now if you are unsure of what you need to do then please don’t hesitate to contact us for some advice or visit https://www.eugdpr.org for further information.
Back-up and disaster recovery planning
When a disaster in the IT department occurs everybody asks the same question; surely we’re backed up? Yet surprisingly, many businesses don’t back up properly or don’t have an adequate recovery plan in place. Despite the readily available advancements in backup and disaster recovery technologies and services, many organizations still use on-premises equipment and rely on their own staff to backup using out-dated methods.
Our top tips to improve your back-up and disaster recovery planning in 2018 are:
- Don’t leave it to chance: You must devise a disaster recovery plan despite how daunting that sounds. Start with the basics and develop it in time; what could be affected? How quickly could the company be up and running post-disaster? Who within the organization declares the disaster? How are employees and customers notified and reassured?
- Monitor progress: A successful disaster recovery plan should be viewed as a living, breathing document that can and should be updated when needed.
- Test your plan: An under-tested plan can often be worse than having no plan at all. Your plan should be tested one or more times per year.
Research tells us that the vast amount of companies give up on their new year resolutions within the first six weeks of the year but we believe that the above challenges can’t be ignored in 2018 and to do so would be at your own peril. Start the year off right, draw up a strategy including the above issues and organise quarterly reviews to ensure that you’re on track for a (fingers crossed) nightmare free year of IT.
Don’t hesitate to contact us to find out how your company can achieve its IT goals in 2018. AAG IT are the preferred Technology Partner for businesses across the board, supporting and advising on all aspects of IT within each business to save time, money and hassle.