Common IT Mistakes Made to Meet Security Compliance

Companies often make mistakes when rushing to meet regulatory compliance deadlines. You should be careful to ensure you don't weaken your company's security in the process. Below are 5 of the most common ways companies make these security missteps:

  1. Botched Multi-factor Authentication - Many companies acknowledge that the old "Username/Password" log in isn't secure, however a good amount of them don't implement multi-factor authentication properly. In an attempt to hurry through this or implement override exceptions they can end up spending huge amounts of money on being even less secure than they previously had been.
  2. Lack of Research - Implementing any "do-able" software in order to become compliant can end up costing you on the back end. Do your research ahead of time to make sure the technology is up to par with what your organization needs and expects.
  3. Retrofit Fail - Implementing a new security tool that isn't compatible with your current system is a common error and can end up causing big headaches later. Whenever you implement a new software solution you should simultaneously implement security from the beginning, and when implementing it later be sure to verify compatibility.
  4. Extremism for Compliance - Don't let fear lead to extreme "blanket" measures that make the situation worse - or have no benefit to your staff.
  5. Poor Data Gathering Processes - Gathering data and not using it properly or gathering the wrong data and failing to establish business intelligence will result in a waste of time and money.

The best way to avoid these errors is to slow down and take careful stock of where your company's greatest risks are. From there do your research of the security tools available to purchase.

In addition to avoiding a "rushed" implementation of security tools, don't forget to protect your company's privacy from computer forensics. A couple of great options include:

  • CCleaner - This freeware is downloadable from the internet and can help you clean out many areas of your computer including: temporary files, Internet history, download history, your recycle bin, recent documents, windows log files and more. Learn more about this product at www.ccleaner.com.
  • Derik's Boot and Nuke - If you're looking to recycle or donate old computers to charity and want to ensure all data is erased this can be a good option. However, DO NOT USE THIS PROGRAM UNLESS YOU ARE KNOWLEDGEABLE ABOUT COMPUTERS - IT CAN TURN YOUR COMPUTER INTO A ROCK. This program quickly and completely erases all hard drives. Learn more at www.dban.org.

For more information about Security Missteps click here.

Peter Heinicke

Peter Heinicke

Chicago area ERP consultant and Managed Service Provider with over 45 years of experience in Sage 300, Sage Pro, Quickbooks ERP and other systems


Recent posts

Related posts

Sage One Complete: Cloud based accounting system for SMB's

How many of you have ever heard of Sage Accounting Software? Seriously, how many of you have ever...

Continue reading

If You Accept Credit Cards, PCI Compliance Applies to You

Regardless of size or industry, all companies that accept credit cards must adhere to the...

Continue reading

Software as a Service: Cloud Computing

In the last two years or so the idea of software as a service has become quite a hot topic....
Continue reading