IMGCAP(1)]For many, spring marks the start of the next fiscal year and that means new budgets.
Congress and President Obama are familiar with budget dilemmas as they’re currently burning the midnight oil struggling with spending reductions. I’m sure it won’t have helped that the Pew Fiscal Analysis Initiative recently updated its report on ways to reduce the federal debt, finding that only large spending cuts or tax hikes, or a combination of the two, would put a significant dent in the national debt.
For organizations the dilemma isn’t very different. It’s unlikely that the budgets you’ll be setting for the next 12 months will be an increase from last year; instead you’ll be asking where savings can be found. Let’s spare a thought for the IT department managers who now face the even tougher predicament of maintaining the same level of service with less money. So, is it possible to generate some savings and still provide good quality service?
It would be too depressing if the answer was no. Thankfully, it can be yes. However, any areas where savings are to be found must be carefully chosen to ensure that you do not jeopardize the mission of the organization.
For example, consider the situation where a government department has thousands of users working on a Windows-based platform. A new version of the OS is released, which has some nice features, but is it really needed now? The cost of upgrading thousands of users will be high, not just to buy the software but to install it and re-train the users. It could involve using external contractors and might necessitate upgrading hardware.
Delaying this decision for a few years could be fiscally prudent at the moment, unless the new release contains a must-have security feature. Similarly, delaying the upgrading of hardware will produce mid-term savings. Eventually it will have to be done, but much of it can be put off until times are easier.
Reducing the cost of external consultants can provide big savings. This doesn’t have to mean that the work won’t get done—just not yet. What it will mean is that external consultants will share the pain of reduced overall budgets and that contracts will have to be re-negotiated to produce more efficiency and lower hourly rates. That can be done in the interest of long-term relationships.
It’s evident, then, that cuts can be made and just about everyone could think of an area to start on, but one area that needs careful consideration before anything is done is IT security. Recently the government identified “hostile attacks upon cyber space” as a major risk to our national security. Anyone thinking of cutting back spending in this area needs to be certain that security is not being compromised. The federal government said that it would be spending large amounts on this. Figures of $55 billion have been mentioned, but has anyone actually seen any additional funds yet?
There are, however, things that can be done in the security area that can reduce short- to mid-term costs without placing the organization’s IT security at risk. Today, every organization should be using security solutions at the desktop and network level.
There can be no compromise at the desktop level. Antivirus software must be kept up to date, as the expense to the organization of curing a virus infection can be immense—not to mention downtime, risk of data breaches, etc.
At the network level it’s important to know that your firewalls work correctly as your first line of defense against hackers.
It’s always tempting to splurge on the latest and greatest software or piece of hardware because the vendor claims it’s the “best thing since sliced bread.” However, there are ways to make your existing network security kit work more efficiently and thereby extend its life.
To do this you’ll need to use one of the IP filtering testing solutions that are available. These tools test your network security and tell you if, and where, there are problems. The better ones will actually give you a fix should a problem be found. By applying the fix to the firewall, you can put off the day when you will need to replace it. Regular testing could extend the life of the kit by a considerable amount. Using one of these tools can also produce further savings by reducing the need to employ external penetration testing, which is time consuming and expensive.
By employing IP filtering testing, you can significantly reduce the amount of time spent on testing, enable more regular testing to be performed, enable the testing to be done by internal staff and reduce your reliance upon external pen-testers. This will save money and improve security. It’s a double windfall.
In the present economic climate, budget cuts are very real and we haven’t heard the last of them. If you’re asking your IT team to generate savings without sacrificing security, it’s important they have the tools to correctly identify what these savings should be and that they can be made safely. Improved security comes at a price, but isn’t it refreshing to discover it can be at a lower one!
Will Hogan is vice president of sales and marketing at Idappcom Ltd., developers of Traffic IQ Professional, a network vulnerability assessment tool. For further information, visit
