The modern organisation has changed drastically over the past few years. The economic climate that ended last decade has helped make businesses more frugal, instilling a requirement in most to get departments to do more with fewer available resources, and IT is no exception.
IT admins are required to do more and more with less money and people, whilst having to ensure that the IT department is able to respond to up-and-coming trends, as well as the day-to-day requirements of the business and unseen threats. Here are five trends that IT departments need to be aware of and prepare for.
1. Shrinking budgets
Every pound you spend is going to have to be stretched further. The applications that you purchase need to do more than one job, and everything can be used for more than one purpose. When you look at new software, whether it's for testing, patching, or security assessments, look for multi-tasking programs that can perform multiple functions.
2. New devices
New devices are coming out from every major vendor, in every conceivable form factor. Tablets, phablets, phones, Ultrabooks, wearable devices and embedded devices are flooding the market. Businesses will be looking at what devices they will adopt and how IT will support them. What IT will have to worry about are the devices running operating systems that can't be backed up, managed, or imaged with standard tools.
Many of those new devices are going to be connecting to your network whether you are involved in their selection or not, and the tech savvy users buy their own and will use them at work. Ignoring BYOD, pretending it will go away, or refusing to permit it on your network are all strategies destined to fail.
The best thing you can do is start to focus on securing data, implementing user policies and strong authentication, and providing these devices with network access that is restricted and controlled. Guest networks, remote portals, and extranet applications are all ways to address BYOD, but don't assume that just because you don't own it, you can't manage it.
4. Reduced headcount
The other side of the coin is a reduced headcount, and the same things we discussed in the previous point apply here. Whether current staff are asked to do more, or someone on your team decides to move on, it's unlikely you will be able to expand your team or even backfill existing roles if someone leaves. The best approach is to diversify the skillset within the organisation by cross-training staff. This way you will have capable employees who will be able to undertake a variety of tasks.
5. Advanced Persistent Threat (APT)
Threats are always going to come around and bad guys will always want to try and break into your network. The tools these bad guys use keep on evolving and will scan your network for ways to get in, and APTs are the next big thing. Rather than simply scanning for a target, the bad guys are scanning for you. You are the target, and it may take them days or weeks, but they are making a concentrated and focused effort to get into your network through you.
The annual vulnerability scan is a thing of the past, as now organisations need to carry out vulnerability scan perpetually, around the clock. Anything that is identified as a potential threat needs to be remedied immediately. It's not enough to patch once a month when new vulnerabilities are discovered daily. If an attacker is playing the long game, and patiently waiting for the one thing that you miss to find their way in, you need to make sure you miss nothing.
Knowledge is key
Knowledge is half the battle, and equipped with the knowledge relating to these trends, your organisation will be able to start planning a response to each accordingly. By being in a position where your organisation can adopt and support new technologies, and maintain service levels even when budgets are stretched, your organisation will maintain a high level of security and sanity.
- Sergio Galindo is general manager, Infrastructure Business Unit, GFI Software.