Hard-pressed decision-makers within fast growth businesses typically focus on building a strategic vision and creating working cultures that support creativity, innovation, profitability and competitive edge. They want to drive growth by establishing incremental revenue streams and driving up margins, while keeping operational costs and overheads to a minimum.
Issues around security, data protection and business continuity have also historically been seen as critically important. However, they have not always been prioritised by expanding businesses who see establishing a strong position in their chosen marketplace as a more urgent concern.
Failing to counter these threats has never been a viable option for these organisations. This is even more true given the current environment where their importance has been highlighted by the advent of GDPR and the recent growth in the cybersecurity threats facing organisations, including ransomware and cryptomining.
Data protection is key
What these issues have in common, of course, is they all underline the need for businesses to better protect the data they hold. In the case of GDPR, it is typically other people’s data that is the key focus. Even today, many organisations are still ignoring it and hoping it will go away. Unfortunately, it won’t. Organisations need to have a best practice culture in place when it comes to managing and protecting the personally identifiable information they hold. A significant part of that will come down to the processes and procedures that the organisation itself puts in place to ensure that data is protected, but technology can and should play a key protecting role.
Even with GDPR continuing to make the headlines today, it’s important to highlight that the network security, business continuity and data protection issues that most organisations face extend far beyond GDPR alone.
Network security is clearly one of the most important areas any business is likely to face today. As well as the obvious extreme case disasters that can affect the business there are also more ‘run of the mill’ every day occurrences that can leave an organisation’s business data at risk of being inaccessible for a long period of time, and in the worst cases, forever. System malfunction, employee misconduct or external threats can all cause a security breach. Spam-based attacks and threats from hackers are evolving and becoming more sophisticated all the time.
Every organisation should be aware, that it may need to put a disaster recovery approach in place if it becomes the victim of a security breach. In May 2017, for example, the NHS announced that it had been a victim of a global cyber-attack, which affected more than 300,000 computers across the world. The attack, caused by a ransomware known as WannaCry, locked healthcare professionals across the UK out of their computer systems by encrypting important patient data and demanding a cash ransom in order to access the computer system.
Its seriousness highlighted the need for organisations to have disaster recovery plans in place to ensure they are fully equipped to deal with potential cyber-attacks in the future.
Any short or prolonged period of uncertainty can result in real damage to an organisation’s reputation and lead to a lack of productivity and increased costs. This can seriously restrict the organisation’s ability to keep on top of customer expectations and respond to growing business demands.
Closely linked to disaster recovery is the whole area of business continuity. Unforeseen disasters can, after all, have serious consequences for any business and their staff. That’s why it is important for every organisation to have in place a continuity programme that allows their employees to continue working whatever the circumstances. Any loss of productivity can impact immediately, and, depending on its seriousness, could even put the future trading of the organisation at risk.
Finding a way forward
The issues of network security and data protection are so interlinked that most businesses tend to see them as a common challenge. Yet, with their focus squarely on innovation, expansion and cost control, these issues tend to be put on the back burner by businesses as they grow.
This is why those businesses that are still ignoring the upcoming deadline for GDPR probably have a head in the sand approach to business continuity and disaster recovery too. Often too, there is the perception that they do not have either the time, money or resources to deal with the issue. Senior management are focused on the core business, they often have little funds spare to spend on anything other than their strategic goals and they typically will lack the necessary resources to even consider managing IT in-house.
For this reason managed IT services approach might be an attractive proposition for them. It gives them the opportunity to put their IT operations in the hands of specialists and experts who can help them to protect their business from cyber-attacks; ensure data is safe and secure and prevent embarrassing security breaches. For only a few pounds per month, per user, companies can encrypt their cloud based email and ensure this and their data is suitably backed-up – helping guard both against non-compliance and protect their data from cybercrime and/or loss through a fire or other natural disaster.
Businesses need to weigh these benefits up against the risks of not doing anything or trying to manage the IT process themselves and then falling short of the mark. Fines for non-compliance with the GDPR regulation could be up to €20 million, or 4 per cent annual global turnover – whichever is higher – and a data breach or major loss through flood or fire could result in a long period of downtime and therefore prove just as disastrous to the business. In fact, smaller firms don’t recover at all from a catastrophic data loss, with many failing to remain in business more than one year after such an event.
Fortunately, there is an alternative. By pursuing an IT managed services approach, companies can employ a ‘win, win’ strategy – finding a suitable, affordable solution for all their data security and integrity, GDPR compliance, business continuity needs. It’s a compelling proposition and for many growing businesses today, an approach whose benefits are too attractive to ignore.
Jamie Coombs, group professional services manager, Altodigital
Image source: Shutterstock/Carlos Amarillo