Maintain oversight of your IT environment
As a result of the digital transformation, the IT infrastructure of many organisations has been adapted so as to be able to cope with the growth in the various cloud applications and the substantial increase in the number of people working remotely. By 2023 over half of all IT applications are expected to be hosted in the cloud and the efficiency of ‘on premises’ infrastructure will no doubt have to be increased. Organisations will certainly reap the benefits of this development, but it will also bring many new challenges with it.
Too many organisations have carried out changes without properly informing themselves in advance. In time such changes lead to poor configuration, overloaded hardware and even demonstrable vulnerabilities in the IT infrastructure. Because each context and each business is different, it’s important first and foremost to carry out an analysis of your business. Look at your current way of working and evaluate the various processes. Only then can you adapt your IT infrastructure to make your business ready to support all new requirements.
Equipment and services
- Local servers
- Remote servers (hosting services, SaaS, etc.)
- Important functions
- Licences and validity
It is important for you to define the critical data of your business and to know which ones legal obligations apply to (e.g. GDPR). It is also important for you to be aware of where these data are hosted and to what extent they can be accessed, copied and even altered by someone with malicious intent (within the business or from outside).
Make sure you know which users connect to the IT system and how they gain access:
- User category (administrator, user, guest)
- Means of access (local or remote)
- Endpoint used
- And so on
An overview of this will enable you to check whether anyone still has access that shouldn’t (for example, a former colleague or service provider). In this way you reduce the threat.
Connections with the outside world
Finally you must also identify every internet access, including connections with service providers or partners. Incorporate them into the global inventory of your business. You can add filtering and control rules for each specific type of access.
Drawing up a balance sheet is essential in order to define the digital requirements and capabilities of your business. Keep the overview regularly updated. This will enable you to make better decisions as to which digital solutions are suited to your business and which points need to be better secured.