- Cast a jaded eye on emerging technologies and modes of delivering technology. It seems counter-intuitive but there is a school of thought in IT that amounts to “There’s no school like the old school” and otherwise solid IT pros marry to technology and techniques they’ve used for years.
- Ignore investment in training and professional development. Inconceivable as it is some professionals don’t invest in ongoing training and education in their field. Purposefully and intentionally putting themselves behind the curve.
- Separate the IT budget from the budget for facilities. Strange as it may seem these things go hand in hand. Imagine that you have the best combination of servers imagineable, but your office doesn’t have sufficient power for all of the systems. Or, you have the computers, the power, but everything overheats and sensitive components are damaged beyond repair because of improper ventilation.
- Fail to consider non-technical security issues. A bulletproof firewall is great, enterprise-class anti-virus is fantastic, and you can’t go wrong with anti-intrusion countermeasures. What some forget is the simple fact of user error. All the best software and appliances in the world don’t matter if someone in your office downloads sensitive information to a thumbdrive and walks out of the building with it.
- Leave laptops with sensitive information unsecured. Maybe your office desktop environment is locked down tighter than Fort Knox during a security drill, but your IT professional forgot to secure the your laptop and it was stolen out of your car (See SADA’s post about notebook theft).
- Dismiss remote users as an exception to the rule. Telecommuting is getting to be so commonplace as to be unremarkable. Five years ago it was still fairly unusual for someone to be working on their office computer from their laptop at home. Now it’s common practice, and the security measures that are in place for the office need to be duplicated on systems accessing the network through terminal services.
- Don’t stay informed about upcoming updates and their potential benefits. Software, applications, anti-virus, and security measures are changing constantly. So, too are viruses, spam attacks, and email phishing bots. Staying on top of updates and the latest technology is like keeping on top of your immunizations. It might be a pain, but it’s worth not getting sick.
- Ignore news, analysis, and industry or peer-driven blogs. As new techniques and technologies develop someone is always writing about them. It’s essential that your IT team is reading what these people have to say.
- Keep their own counsel when evaluating new technology. If your IT department is holding a log of closed door meetings, then suddenly there’s a new suite of software on everybody’s computer, this could be a problem.
- Fail to update the disaster recovery plan. Your disaster recovery plan should probably not be a ream of hand-written pages in a dusty folder in the very last rusted filing cabinet of your company’s storage facility. The disaster recovery plan needs to be reviewed and updated regularly to ensure the survival of your company if the worst should happen.
To view the article on Eweek click here