Undeniable technology trends such as “BYOD” (Bring Your Own Device) and the “Internet of Things (IoT) are pushing companies not only to improve their data security practices but, in many ways, causing them to dramatically rethink their approach to data security.
That was the assessment of top Gartner analysts at the technology research and consulting firm’s annual Security and Risk Management Summit. And though they were talking primarily to – and about – large corporate enterprises, their analysis is just as important for owners and managers of small and midsize companies to understand.
In fact, because of their typically limited technology resources and budgets, the Gartner folks’ analysis might be even more important for the leaders of small and midsize businesses.
What the Gartner analysts see is a rather dramatic change in the way enterprises think about and organize around the task of maintaining data security in a rapidly changing and evolving environment. By 2017, Gartner says, at least one-third of all large businesses will no longer have a “Chief Information Security Officer,” or CISO. Instead, they’ll have a “Digital Risk Officer” whose job it will be to assess and secure every aspect of digital connectivity.
That will include finding and understanding any new risks created by plugging hundreds (or even thousands) of remote-sensing devices plugged into their networks as the Internet of Things concept spreads rapidly.
Today’s Security Techniques Won’t Hold Up in the Future
Technology advances also mean finding and understanding all the new risks created by the dramatically expanded use of remote computing devices, ranging from the desktops used by telecommuting employees to handheld devices used by traveling managers or salespeople. BYOD lowers corporate hardware expenses but puts new pressure on network and data management and security budgets. In addition, companies are seeking to make their networks compatible with a wide range of devices and platforms.
In plain terms, the explosion of both BYOD and the IoT threaten to swamp conventional and even today’s state-of-the-art firewall and other security tactics, software and hardware. The threat is a matter of both increased volumes of information entering and being processed by corporate information systems and radically different types of information, organized in new and exotic ways that will approach artificial intelligence.
For really big companies, the sheer number of workers, devices, transactions and data movements compounds the challenges. But that does not mean that small and midsize companies won’t face such data volume-driven pressures. They will. And their volume increases are likely to be just as big and challenging, relative to the scale of their existing operations. Indeed, they very well could be more challenging because of the historical limitations of their technology budgets and staff expertise.
Outside Advice Can Keep SMBs from Big Security Problems
That means small and midsize enterprises would be wise to seek outside IT security advice and expertise now in order to avoid falling behind the growing data security challenges being driven by trends like BYOD and IoT. Falling behind eventually could lead to the kind of disastrous data breach that violates the confidence of your company’s customers, vendors and employees in ways that can lead to a crippling loss of market share, revenue and profits.
All SMBs should be conducting (or hiring an outside consultant to conduct) an annual security assessment that ensure the enterprise meets the compliance requirements of its given industry as well as making sure firewalls and intruder detection and protection systems are up to snuff.
IT security long ago ceased to be a simple matter of running anti-virus programs and erecting firewalls. As the Gartner report points out, security is a complex science and a moving target, so don’t let your company be caught off-guard.