Blog / Three Considerations for Improving Cybersecurity
Ask yourself these three questions when improving cybersecurity.
Improving cybersecurity can be a tricky task. The uninitiated might assume that the only thing to be concerned with is indeed computer security, but there are plenty of other moving pieces involved and the reality is that the situation is much more complicated. However, given the dramatic rise in cybercrime over the years, it’s no wonder businesses are always looking for new tools to protect themselves. With that in mind, here are three important issues for you to consider before improving your cybersecurity.
- Will the tool/change actually improve security?
- Will staff require training?
- Will the tool/change cause disruptions?
Will the tool/change actually improve security?
Your first consideration should be to ensure that the proposed tool or change will actually provide the security you’re looking for. As an example, let’s assuming you’re looking to improve password security with a password manager. To be effective, the chosen app will need to be able to store passwords for anything your users may secure with them, including various tools or software as well as websites. If your password manager winds up storing only website login information but not the mission-critical application you’re trying to secure, it won’t do much good, and making staff remember when they need to use the password manager and when not makes using the tool annoying.
Will staff require training?
Next, consider whether your staff or users will require training and prepare it in advance. Many cybersecurity enhancements happen behind the scenes, but let’s stick with our password manager example. Although they may seem straightforward, you’d be surprised how few truly know how to make use of them. Adding a password manager to your defenses, and requiring that everyone use it, may be the right step for improving cybersecurity at your organization, but making changes that impact staff workflows in any way means ensuring the improvement is handled properly and being prepared to train staff.
Will the tool/change cause disruptions?
Finally, consider if the planned security improvement could cause problems for staff trying to do their jobs, and not just whether they understand how to use a new app. Most cybersecurity is meant to prevent people from accessing information or performing dangerous and unauthorized operations. Installing new software or making changes to important settings are inherently dangerous because they can have wide ranging impact, so clearly user access should be limited, but if your new security features interfere people from doing their job, well, that’s a problem.
Improving cybersecurity isn’t as easy as it sometimes seems. You need to balance security with usability. Sometimes that means changing and updating cybersecurity measures to mesh with peoples jobs, and sometimes it means changing staff’s roles or duties to suit new necessary measures. As usual, the best course of action will be determined by the specifics of the security issue you’re trying to solve. It’s one of the more interesting challenges of maintaining useful and effective cybersecurity.
Today’s Shakespearean wisdom comes from The Taming of the Shrew; “Old fashions please me best; I am not so nice To change true rules for odd inventions.”
If you’d like additional advice for improving cybersecurity at your organization, contact TRINUS to talk to one of our cybersecurity professionals today, and get yourself some stress-free IT.
Be kind, courtesy your friendly neighbourhood cyber-man.