IT AUDIT & SECURITY

Ask The Right Questions About Your IT Strategy

11 June 2018

Most businesses approach technology as an evolving challenge. You don’t want to overspend on bells and whistles you’ll never fully use, but you also don’t want to get left behind as competitors use the latest tech tools to operate more nimbly.

To refine your IT strategy over time, you’ve got to regularly reassess your operations and ask the right questions. Here are a few to consider:

Are we bogged down by outdated tech?

More advanced analytical software can eliminate many time-consuming, repeatable tasks. Systems based on paper files and handwritten notes are obviously ripe for an upgrade, but even traditional digital spreadsheets aren’t as powerful as they used to be.

Do we have information silos?

Most companies today use multiple applications. But if these solutions can’t “talk” to each other, you may suffer
from information silos. This is when different people and teams keep important data to themselves, slowing communication.  Determine whether this is occurring and, if so, how to
integrate your key systems.

Do we have a digital asset-sharing policy?

Businesses tend to generate tremendous amounts of paperwork, but hard copies can get misfiled or lost. Sharing documents electronically can speed distribution and enable real-time collaboration. A digital asset-sharing policy could help define how to grant system access, share documents and track communications.

Do we have a training program?

Mandatory training and ongoing refresher sessions ensure that all users are taking full advantage of available technology and following proper protocols. If you don’t feel like you can provide this in-house, you could shop for vendors that provide training and resources matching your needs.

Do we evaluate user feedback?

A successful IT strategy is built on user feedback. Talk to your employees who use your technology and find out what works, what doesn’t and why. Answering questions such as these is a good first step toward crafting a total IT strategy. Doing so can also help you better control expenses by eliminating redundancies and lowering the risk of costly mistakes and data losses.

Do we have a security policy?

A security policy is the first line of defense against hackers, viruses and other threats. It also helps protect customers’ sensitive data. Every business needs to establish a policy for regularly changing passwords, removing inactive users and providing ongoing security training.

Beyond a security policy, it is also important to train employees on what to look for to prevent private data from being compromised. Cyber attacks occur more often than not because an employee falls victim to a hacker’s tricks. The key to preventing such occurrences is through employee social engineering training. OCD-Tech, the IT Audit and Security Division of O’Connor & Drew works directly with companies and their employees and trains them on the latest techniques that hackers use to steal private information. Contact us today or visit our website at www.ocd-tech.com to find out more information on social engineering as well as the many other services that we offer.