The Datamax Thinking Blog

Educating, collaborating, and sparking ideas for maximizing the technology that matters.

Begin Carving Out Your 2022 IT Security Plan With These 6 Questions


Good IT security practices require more than just a bundle of technology tossed at a potential problem.

Author and Poet Rumi once wrote: “I’ve said before that every craftsman searches for what’s not there to practice his craft.”

With December’s arrival comes the onslaught of 2022 business plan meetings for organizations everywhere. From new initiatives to important benchmarks, it is here that people will reach across department aisles and begin to carve out “what’s not there” in their strategies moving forward. Tools and ideas in hand, these craftsmen (and women) begin chipping away at a plan that promotes growth, sustainability, and successful culture for the ever-changing climate ahead.

Meanwhile, looming is the ever-present threat of a data breach. With business planning in session, is IT security part of the conversation? Or is it simply something that’s “not there?”

6 Questions to Ask Yourself When Carving Out Your 2022 IT Security Plan

1. Is Cyber Security an active part of the overall conversation?

As mentioned above, it starts with people and planning.

Good IT security practices require more than just a bundle of technology tossed at a potential problem. When executives and key stakeholders become involved with the conversation, cyber security is likely to become a holistic priority and an organization-wide best practice.

And why should it? Because the stakes are only getting higher, with Ransomware reigning supreme. In the first six months of 2021, global ransomware volume reached an unprecedented 304.7 million attempted attacks — already eclipsing the 304.6 million ransomware attempts logged for the entirety of 2020 (SonicWall).

And these conversations shouldn’t exist merely among C-level executives in lofty, oversized boardrooms. The SMB is just as vulnerable. According to Datto, 43% of data breaches target SMBs, most SMBs will not be able to recover from a cyber attack, and 60% of SMBs don’t have a cybersecurity policy in place.

2. Do we have the right security measures in place?

A firewall, an active antivirus solution, and a strong company password policy are traditional placeholders here. But there’s more.

To start, all organizations should use an Advanced Threat Protection solution for email. Email remains the most common threat. According to the 2021 Business Email Compromise Report from GreatHorn, of all security incidents suffered by organizations last year, BEC attacks accounted for 50%.

In addition to email, the risk of cyber threats being delivered and spread via other collaboration tools is constantly growing. Ideally, you want to use a security solution that protects different channels but is managed from one place. This will ensure your SMB is protected while reducing overhead and costs on your end.

A trust Managed Service Provider (MSP) can provide a thorough list of proactive steps and solutions to help secure the needed hardware and software for your organization.

3. Have we covered our copiers/MFPs?

The office copier, the workhorse of any organization, is more of an elephant in the room when it comes to IT security.

According to Canon, only 21% of IT decision-makers, influencers, and users have security features in place on their printers. MFPs today are sophisticated, connected devices that can transmit and receive information over a network, store information, and connect to cloud services. With such capability comes security vulnerabilities.

New call-to-action

4. Are our end users up to speed?

According to Verizon, 85 percent of breaches involved a human element of some sort.

This means, simply, that your end users are likely your weakest link in IT security protection. More than any line of a sophisticated technical lineup of security solutions, your users need to be educated on what a malicious email looks like, the lingering threats of social engineering, and the steps to take to mitigate attempted phishing attacks.

A trusted MSP can help facilitate such training.

5. Do we know what happens in the event of a breach?

If a breach occurs … what’s your backup plan?

Successful backup is the foundation for disaster recovery and business continuity. Without it, recovery and continuity cannot exist. Technologies that were created decades ago to store data are simply not enough. Antiquated methods, like tape backup, don’t lend themselves to the rapid recovery of business operations in a crisis.

When choosing a backup solution, growing businesses should look for these six things:

  • Comprehensiveness
  • Ease of use
  • Recoverability
  • Performance and reliability
  • Affordability
  • Scalability

6. Should we consider outsourcing IT?

It’s a question more SMBs are asking themselves as threat vectors become more sophisticated and vulnerability awareness widens.

Every craftsman searches for what’s not there to practice his craft. As organizations carve out their IT security initiatives and consider “what’s not there” in their strategies or capabilities, it’s a viable consideration: “ Is outsourced IT a viable option for us?”

At Datamax, we’ve heard the objections. We understand your concerns. That’s why created the eBook, “7 Reasons Not to Outsource Your IT.” We discuss the sentiments of those who have said things like “Outsourcing is too Expensive” or “A breach won’t REALLY happen to me,” and we help better define what a Managed Service Provider IS, and what it ISN’T. Click below to get your copy!

View eBook ›

Topics: Network Management Managed Services IT Consulting Technology Training Managed Services Provider MFP Security