Insurance and Security - Whats the way to go for IT Managers?
Sorry bloggers i have been away mending my way to a better future and didn't live up to my expectations of keeping you posted. I did write something about infosec and i got several personal reactions from my cohorts and thought it wise to have a share of what they thought about.
Some of them probably thought differently, argued in a more technical way and gave me a piece of their mind. I managed to make a summary of their thinking and came up with this.
Many organisations today are facing a dilemma of choosing whether investing in securing corporate IT assets is a worthwhile deal. Others feel its a gimmick by system administrators to enjoy the luxury of keeping the organisation on its toes.
However the big question remains, is it worth it for any organisation let alone an individual to have IT security? Imagine having a system worth $1000 carrying all your data, probably data you have been working on for the past 2 years! How much security would you put to it. Many thought that half [$500] is understandable, quarter of it about $250 is a risk, whereas others thought that anything less than $250 is a trigger to a disaster. I could have agreed with some of them but i thought that making the right choice of security can be appropriate moreover cost effective and manageable if well implemented. How much is an anti-virus? What about a firewall? A security guard? or Fire Alarms? or even Back ups - both onsite and offsite?
Certain questions though came up in several discussions and one person thought of 'what if you lost all your data' which of course is a real disaster, would you think of a quicker solution or is it a prerequisite that IT assets are secured first before a disaster happens. Do we need a DRP for even a stand alone PC?
Others had completely different thoughts and vehemently defended their position of argument. What about a thought of insurancing your corporate assets? Does it create more comfort than say an antivirus? Will you be assured of a refund of the data or only the IT asset itself. What about data recovery? Do insurance firms insure against data loss or hardware loss? Insurance has been more of a soft landing than a long term solution some have argued. So whats the way to go?
Sorry bloggers i have been away mending my way to a better future and didn't live up to my expectations of keeping you posted. I did write something about infosec and i got several personal reactions from my cohorts and thought it wise to have a share of what they thought about.
Some of them probably thought differently, argued in a more technical way and gave me a piece of their mind. I managed to make a summary of their thinking and came up with this.
Many organisations today are facing a dilemma of choosing whether investing in securing corporate IT assets is a worthwhile deal. Others feel its a gimmick by system administrators to enjoy the luxury of keeping the organisation on its toes.
However the big question remains, is it worth it for any organisation let alone an individual to have IT security? Imagine having a system worth $1000 carrying all your data, probably data you have been working on for the past 2 years! How much security would you put to it. Many thought that half [$500] is understandable, quarter of it about $250 is a risk, whereas others thought that anything less than $250 is a trigger to a disaster. I could have agreed with some of them but i thought that making the right choice of security can be appropriate moreover cost effective and manageable if well implemented. How much is an anti-virus? What about a firewall? A security guard? or Fire Alarms? or even Back ups - both onsite and offsite?
Certain questions though came up in several discussions and one person thought of 'what if you lost all your data' which of course is a real disaster, would you think of a quicker solution or is it a prerequisite that IT assets are secured first before a disaster happens. Do we need a DRP for even a stand alone PC?
Others had completely different thoughts and vehemently defended their position of argument. What about a thought of insurancing your corporate assets? Does it create more comfort than say an antivirus? Will you be assured of a refund of the data or only the IT asset itself. What about data recovery? Do insurance firms insure against data loss or hardware loss? Insurance has been more of a soft landing than a long term solution some have argued. So whats the way to go?
Comments