In-depth

Business of IT: Building a business case for security

Security can be both the unseen hero and the weakest link in an organisation, so how do you make the case to spend enough to protect your organisation's most vital assets? Stephen Pritchard investigates...

IT security is often likened to insurance: companies only spend money on it, after they have suffered from an attack, or from data loss. And some spending on basic, IT security is a basic cost of doing business. No company can operate safely without anti-virus software, firewalls or spam filters. And no IT manager would seriously suggest that they could.

Go beyond the basics, though, and security takes on a different form. Companies can use security technology to enable the business to work in different, and often more productive, ways.

A virtual private network (VPN) enables home working. Encryption makes it safer for staff who need to work on the road to access sensitive data. Installing a PCI-DSS compliant security infrastructure allows the business to accept credit card payments.

Often security is seen a cost you don't receive a benefit for. Thinking of it in business terms is a mental mind shift.

Some more advanced technologies still open up further possibilities.

Biometric authentication allows IT managers to give staff access to data that they might not otherwise allow beyond the firewall.

Single sign on systems for authentication reduce the danger of employees storing passwords on sticky notes on their PCs but they also reduce the number of password reset requests to the IT department.

Some emerging technologies allow firms to restrict access to documents, based on where the user is in the world, allowing businesses to open up access to documents or data that regulators might otherwise restrict to office-based users. These innovations can make an organisation more effective, or more profitable.

Changing mindsets

However, security specialists, and security vendors, have not always been especially good at explaining how the technology can pay its way in business. "Often security is seen a cost you don't receive a benefit for," says Neil Campbell, Dimension Data's general manager for security. "Thinking of it in business terms is a mental mind shift."

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Recommended

Malware developers create malformed code signatures to avoid detection
malware

Malware developers create malformed code signatures to avoid detection

24 Sep 2021
New malware uses search engine ads to target pirate gamers
malware

New malware uses search engine ads to target pirate gamers

21 Jul 2021
SonicWall warns of imminent ransomware campaign on VPN hardware
virtual private network (VPN)

SonicWall warns of imminent ransomware campaign on VPN hardware

16 Jul 2021
Researchers send “unhackable” quantum data over 370-mile optical fiber
data protection

Researchers send “unhackable” quantum data over 370-mile optical fiber

11 Jun 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Windows 11 has problems with Oracle VirtualBox
Microsoft Windows

Windows 11 has problems with Oracle VirtualBox

5 Oct 2021