IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more
In-depth

Business of IT: Building a business case for security

Security can be both the unseen hero and the weakest link in an organisation, so how do you make the case to spend enough to protect your organisation's most vital assets? Stephen Pritchard investigates...

IT security is often likened to insurance: companies only spend money on it, after they have suffered from an attack, or from data loss. And some spending on basic, IT security is a basic cost of doing business. No company can operate safely without anti-virus software, firewalls or spam filters. And no IT manager would seriously suggest that they could.

Go beyond the basics, though, and security takes on a different form. Companies can use security technology to enable the business to work in different, and often more productive, ways.

A virtual private network (VPN) enables home working. Encryption makes it safer for staff who need to work on the road to access sensitive data. Installing a PCI-DSS compliant security infrastructure allows the business to accept credit card payments.

Often security is seen a cost you don't receive a benefit for. Thinking of it in business terms is a mental mind shift.

Some more advanced technologies still open up further possibilities.

Biometric authentication allows IT managers to give staff access to data that they might not otherwise allow beyond the firewall.

Single sign on systems for authentication reduce the danger of employees storing passwords on sticky notes on their PCs but they also reduce the number of password reset requests to the IT department.

Some emerging technologies allow firms to restrict access to documents, based on where the user is in the world, allowing businesses to open up access to documents or data that regulators might otherwise restrict to office-based users. These innovations can make an organisation more effective, or more profitable.

Changing mindsets

However, security specialists, and security vendors, have not always been especially good at explaining how the technology can pay its way in business. "Often security is seen a cost you don't receive a benefit for," says Neil Campbell, Dimension Data's general manager for security. "Thinking of it in business terms is a mental mind shift."

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

WatchGuard Firebox M290 review: Stiff security at a great price
unified threat management (UTM)

WatchGuard Firebox M290 review: Stiff security at a great price

23 Feb 2022
Sophos XGS 3300 review: Xstream firewall performance
Security

Sophos XGS 3300 review: Xstream firewall performance

7 Jan 2022
Ubiquiti Networks UniFi Dream Machine Pro review: All the security you need in one handy box
Security

Ubiquiti Networks UniFi Dream Machine Pro review: All the security you need in one handy box

18 Nov 2021
Big zero-day flaw found in Palo Alto security appliance
internet security

Big zero-day flaw found in Palo Alto security appliance

11 Nov 2021

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022