Apr 26, 2017 5:41 AM PT

IT mistakes that could cost an organization millions

Expensive lessons that no security N00b wants to learn


Get your ducks in a row

Often when you are new to a job, all you can think about is making a good impression and not screwing up. In security, though, there are lots of pitfalls that can be disastrous to the organization.

To help the N00b get all their ducks in a row, Greg Hoffer, vice president of engineering at Globalscape, offers these examples of what could be costly mistakes so that those who are new to the industry can focus on the fix and safeguard both the enterprise and their careers.


Leaving legacy systems in place

The mistake: Issues stemming from legacy applications are among the most difficult that IT pros face today. Digital business initiatives have increased the need to exchange critical data across widespread, disparate systems. Yet, 57 percent of organizations are using gateway technology that’s more than 5 years old (Ovum Research).

The fix: Audit your IT systems to discover and address any legacy vulnerabilities.


Failing to account for business growth

The mistake: Any integration technology that gets introduced into an organization should be capable of scaling across back and front office systems to make them more responsive. If your technology is not scalable, you’re likely dealing with a mish-mash of homegrown systems and thus an IT environment that will quickly be outgrown and become costly and potentially insecure and non-compliant.

The fix: Include all business units in IT management discussions to ensure plans are not made in a vacuum.


Failing to meet service-level agreements (SLAs)

The mistake: Your business commits to providing customers a certain level of performance and availability, but failing to meet these SLAs could easily result in breaches of contracts and lost revenue. Even worse, it could damage your reputation and ultimately lead to loss of customers.

The fix: Don’t skimp on bandwidth or reliability, and build delivery systems that can scale with your business needs.


Using the wrong tool for the job

The mistake: Working hard and working smart are two different things. The cost of not having the correct tools in place can set your team back significantly, both in time and money.

The fix: Consumer-grade applications may be attractive, but freemium comes with hidden costs when substituted for enterprise-grade.


Letting compliance slip by the wayside

The mistake: Those working in highly regulated industries like healthcare and financial services know all too well the hoops organizations must jump through to maintain compliance. Ensuring your organization is compliant can be an expensive and time-consuming process, but even more expensive is not complying with industry regulations and dealing with the repercussions.

The fix: No matter your industry, accept that there are at least two data protection regulations that apply to your operations; in conjunction with corporate counsel, seek out qualified consultation to identify and meet them.


Not establishing a disaster-recovery plan

The mistake: Downtime caused by a hardware or software failure, human error, or natural disaster can lead to severe data loss and affect your bottom line. Emerson Network Power’s 2016 Data Center Outage report found that one minute of downtime can cost an organization $8,851 on average.

The fix: Your disaster recovery and business continuity plan needs vary depending on the size and scale of your business. Start with a simple resource and work with a qualified service provider.


Failure to consider security

The mistake: IT security isn’t just about investing in tools like intrusion detection, data loss prevention, and access and identity management. Any network component must support secure practice. Systems that support process automation, for example, can reduce the risk of human error while handling sensitive data.

The fix: In addition to acquiring state-of-the-art security tools, thoroughly evaluate all technologies, applications, and service providers by their security policies.


Not working from a plan or not updating your plan

The mistake: IT leaders who create and continually improve their integration road maps are prioritizing purpose-optimized integration strategies to more efficiently scale operations. Enabling real-time, bi-directional data updates without requiring complex scripting, coding, and mapping of data is challenging, but deploying the right technologies and working with the right technology partner will strengthen your data integration posture.

The fix: Establish criteria for evaluating IT needs based on acquisition cost, operating costs/ROI, total cost of ownership, security, growth and other business needs.
