My responses to the reasons I listed in yesterday’s post.

1. Concerns over User Complaints: I am a Dad so the question I thought of is who is in charge of the house you or the kids?  In my house I set the agenda not my kids.  I take input from them but ultimately I have to do what is best for my family.  Yes I know the cake is good but you can’t have it for breakfast.  Put that down you may get hurt…
2. Concerns about Usability: Security doesn’t have to mean inability.  Properly rolling out a project means planning and executing on the plan.
3. Performance Concerns: Properly deployed security means it is behind the scenes and effective.  Performance should not enter into the picture.
4. Lack of Understanding: Software needs to work with the security infrastructure and the company objectives not the reverse.  You are liable in the event of a breach so it is time to ramp up your skill set and lock it up.
5. No Internal Bandwidth: Then hire the right contractors or firms.  You are at risk an no one else.  When a breach occurs who do you management will hold accountable?
6. Money is Tight: That is a real concern.  How much will a breach cost?
7. We are too Small: On the internet you are just a number (IP Address).  The hackers will decide what on your network is valuable, take it, and then sell it.  McDonald’s doesn’t make money off of selling one hamburger a day do they?
8. No Mandate from Audit:  But if they make it a priority they will find you out of compliance.
9. Where to Start:  Get an assessment, a plan, and then decide on the path.  The mountain is always huge but Everest is climbed one step at a time.
10. No Pressing: To quote my friend Stephanie, “Seriously?”  Do you read the news?  What is a bigger priority?