Official TEKConn Blog

Not too hot, not too cold: The Key to effective IT security

Like Goldilocks' porridge, IT security solutions need to be just right for a specific company's needs.

Like Goldilocks' porridge, IT security solutions need to be just right for a specific company's needs.

Why do parents tell their children fairy tales? In some cases, a fantastical tale may be the key to getting a toddler to go to bed at night. Of course, there's also the joy of spending time with one's children and seeing their faces light up as they are riveted by storied adventures.

But, many fairy tales also have deeper meanings – lessons to be learned and applied to everyday life. Such is the case with the story of "Goldilocks and the Three Bears." Little did parents know they were teaching their kids about IT strategies in the modern business world.

When it comes to network security, think of IT strategies in three categories. There are over-protective solutions, under-protective ones and those with just the right amount of protection.

A recent TechRepublic article emphasized the need for a balance between going too far and not going far enough when it comes to cyber security measures.

"Under-securing some things while over-securing others has a common root cause: The lack of a real process for assessing and managing risks," wrote Rob Woerner, the article's author. "Decisions about security approaches to particular issues should be guided by a simple rule: Risk = impact x probability, offset by the cost of mitigation."

The key to effective IT strategies is finding a balance between the two extremes – the mama bear and the papa bear – and ending up with the one that's just right – the number one choice of the baby bear.

While this may sound humorous, the core concept here makes perfect sense. Going overboard on network security will hamper employees' ability to do their jobs efficiently – perhaps even prompting them to look for ways around best practices.

Conversely, not giving enough attention to your IT assets leaves the door wide open for net ne'er-do-wells to wreak havoc with your systems.

With managed IT support, there is always someone to assess and manage risks, as Woerner mentioned, and safeguard a company's critical information and resources.