It’s an exciting time for businesses. The digital revolution is transforming the way we work, granting us streamlined processes to produce more, allowing us to work from anywhere and collaborate with teammates across all corners of the globe. New online tools promising improved productivity and collaboration appear every day, and thousands of articles are written on how these tools are changing the modern business.
However, the topic of information and system security and compliance often gets overlooked for more “sexy” and exciting subjects. While these practices might inspire groans or yawns from your employees and executives alike, there is no denying that online security and compliance are far more important in today’s connected world than they have ever been.
Online security breaches and hacks have dominated the news recently. From Target to Sony to AshleyMadison.com, hackers have exposed credit card information, private emails and the identity of individuals seeking extra-marital relations. While it may be fun to read the internal drama going on at Sony or the salacious details exposed by the Ashley Madison hack, all organizations dread a security breach of their own.
The reality of online security is that a network is only as secure as the weakest link within its infrastructure, software, and users. The best encryption and security software cannot always protect sensitive information if users don’t understand the tools they use or follow the protocols the organization has implemented. Hence, it is important for companies to make security and compliance readily available, engaging, and consumable for all employees. Taking the time to communicate IT security and compliance practices to your business and employees before you implement will improve its rate of adoption and overall success.
I recently had the privilege of working with a popular cable network provider that thinks security and compliance are very dry subjects yet “selling” the idea of IT security and compliance is regarded as paramount to meeting the high standards the organization itself has set. It is still very early doors in the implementation of a new security and compliance portal but the tactics applied are those usually reserved for marketing and communication teams and newer public facing websites that help to bring the information to life.
By applying the organizations brand, arranging the information, and turning the subject matter into easily consumable snippets and adopting “web” best practices (UI, UX, etc) we’ve built a modern user interface that aims to improve the internal “sellability” of IT security and compliance.
Take a look at the before and after (organization name withheld).
If recent hacks have taught us anything, it is that no information is truly secure once it makes it online; or within the confines of on-premises data centers. Still, there are certain steps that every organization can (and should) take, to keep sensitive information safe. Too often, these conversations dwell on the nitty gritty details of data encryption, end user IT usage policies or security software, when in reality the weakest and most damaging link in the security chain is users themselves and their understanding of the what, where, when and how.
If you’d like to know more about the project or the change management and user adoption practices rhipe Solutions has implemented to help successfully drive the adoption of the portal and the information within, please reach out at firstname.lastname@example.org.
Damien Robinson, GM Solutions US, rhipe Solutions