AKIBIA'S PRACTICAL GUIDE TO ENTERPRISE TECHNOLOGY

Tuesday, February 24, 2009

Tightening Budgets and Their Impact on IT Security

In an earlier post I mentioned the recent credit card security breaches. I want to encourage businesses everywhere, not just retailers to take this news as a reminder of the importance of strong, well-managed security strategy and policy. The business community at large and not just retailers, online merchants and banks, need to ensure that their security infrastructure is sound. As I go out and speak with Medium and Large Enterprise customers, I often hear that IT budgets will remain flat or decrease due to the state of the economy. There are those that are increasing their IT spend however they seem to be in the minority. IT departments are struggling to prioritize their shrinking IT dollars across important projects.

Infrastructure security needs to remain a top priority – along with business application and productivity initiatives. I'd encourage businesses to look for savings in their IT maintenance budgets and leverage that savings to fund the security and other projects vital to a healthy infrastructure.

Even non-retail / PCI required companies, need to remain constantly vigilant and regularly evaluate and improve infrastructure security to meet new threats and challenges, as well as new regulations. Massachusetts has passed an online privacy law that is considered by many to be the most stringent in the nation. This law does not just apply to Massachusetts businesses or companies with offices in MA, but any company or organization that has sensitive information on Massachusetts customers. While this law has been twice pushed out for its effective date (currently January 1st 2010) there is a lot that needs to be done to be prepared for this law and the ten months remaining until its effective may still be a tight deadline for many.

Companies that do not have to adhere to the MA regulation or the PCI standards would be wise to use these as the benchmark of what IT Security should mean to their organization. Other states as well as the federal government are already looking at the MA regulation and considering ways to adopt similar legislation. Regulations aside, we owe it to our employees, business partners and customers to do all that we can to protect sensitive information. IT security needs to remain among your top priorities.

--- Bill Malone, Director, Global Professional Services, Akibia

LABELS:

Bill Malone,

Security

Post a Comment

BLOG ARCHIVE

• 2010 (5)
  • March (1)
    • Why HP is Worried about Third Party Maintainers
  • February (1)
    • Has the Sun Set on Flexible Support Options?
  • January (3)
    • You Inherited Your Cisco Infrastructure, But Do You Know Why You are Still Buying It?
    • Your Workers are Surfing While Snacking on a Big Mac - Time to Revisit Managing Your End-Point.
    • Ensuring Security in the Virtualized Environment
• 2009 (34)
  • December (1)
    • Monitoring Via the Cloud
  • November (2)
    • Sun Makes More Changes Amid Uncertainty
    • Sky High Cloud Chatter
  • October (2)
    • Improving Vulnerability and Patch Management
    • A Couple Quick and Easy Green IT Steps
  • September (3)
    • Don’t Put off Until Tomorrow…
    • Boston's Missing Email Case Has Many People Asking Questions about Digital Forensics
    • IT Needs Turbo Compliance
  • August (3)
    • Take Full Advantage of System Monitoring
    • Implement, educate and enforce strict Social Media usage policies – in that order
    • Preparing for a Return to Growth? It’s Not Too Soon to Make Process Improvements
  • July (2)
    • Death by A Thousand Processes: Getting Compliance Right Requires a Change in Thinking
    • Wrest Control of Your Data Center Back From the OEM
  • June (3)
    • Getting Ready for Cloud Computing
    • A Letter to Ralph Szygenda, the CIO of General Motors
    • Lax Web Site Security: The Site Owner's Responsibility
  • May (3)
    • The Checklist Approach to IT Security is Failing You
    • Financial Strength of Your Vendors…Show Me the Money!
    • PCI DSS v1.2 and its Requirement from WEP to WPA Wireless Encryption
  • April (4)
    • The Near-Term Impact of Oracle Buying Sun
    • On the Path to the Cloud... Walk Before You Run
    • CIOs Need to Manage Up, Broadcast Successes
    • Consolidate Support Vendors?
  • March (4)
    • A Potential Sun Acquisition - Impact on Service
    • April 14 is Decision Day for Those Running Microsoft Exchange 2003
    • HIPAA Revitalized in 2009 and Beyond
    • Ten Steps for the Mass Data Security Law
  • February (7)
    • Tightening Budgets and Their Impact on IT Security
    • Recent Breaches Remind us to Focus on Security
    • The Training You Need Vs. The Training You Receive
    • Emphasizing Virtualization Security
    • DNS Audits: A Practical Guide
    • Practical Green IT
    • "Practical Use" Fills the Gap Between Idea and Implementation

BLOGS WE LIKE

• CIO - Blogs and Discussion - Best Practices
• InformationWeek’s Global CIO Weblog