This article can also be found in the Premium Editorial Download "Information Security magazine: How to be successful with your security steering committee."
Download it now to read this article plus other related content.
YOU'D HAVE A TOUGH TIME finding the small or medium-sized business that doesn't rely on technology to help it both thrive in good times, and better weather the bad times. And with technologies such as Web 2.0, cloud computing and virtualization emerging, there's an evolution under way that could enable SMBs to compete- to get more done with less, raise productivity, and protect or increase profits.
"Maintaining an up-to-date IT platform is essential for the competitive success of almost every business, and it can serve as an equalizer for small and medium-sized businesses as IT increasingly fuels everything from back-office operations to customer sales and service," says Chaim Lowenstein, CIO at solutions provider Web Commerce LLC.
Jim Peterson, technology coordinator at Goodnight Memorial Library in Franklin, Ky., agrees, and adds that forging relationships with other senior managers and executives can be key to raising security's profile within the company. "Most small businesses have budget constraints. While the case for security is easy to make, many small-business managers will balk at the price of appliances, servers, software and services," Peterson says.
Fortunately, there are signs that this type of attitude is starting to change.
A CDW Small Business Driver's Seat Report published in April found data security to be the most pressing interest of SMB executives-coming in as a higher priority than wireless technologies, business
The survey also found that 47 percent plan to have a formal business continuity/disaster recovery (BC/DR) plan in place within three years. And of those without a dedicated IT worker, 33 percent will create that position in the next three years.
THE RELATIONSHIP EDGE
That data is welcome news for anyone charged with securing SMB systems.Most SMB managers say getting the ear of management is the key to increasing the security budget, and that starts with forging solid relationships with business unit leaders.
"Relationships with other business units are very important. Those units, if not part of the entire security plan, can undermine any efforts that get put into place. Security is a company effort, and managing the different aspects of security requires that all business units participate and support the security plan," says Tom Schill, VP of operations at mobile search firm Medio Systems.
Having all aspects of a business carry their weight (or at least not fighting security expenditures) is ideal. But it's not always easy getting there. Most security managers at smaller firms say they try to tackle major security projects one at a time. This may involve first securing the network perimeter, getting BC/DR plans in place, then maybe focusing on Web applications, rather than trying to do too much, too fast.
This was first published in January 2009