Sabre IT professional risk management
» » » Professional Risk Management for Security Administration

Professional Risk Management for Security Administration

posted in: Insights | 0 |
Reading Time: 1 minute

Professional risk management is a basic requirement for security administration.  It is not a nice-to-have luxury.  However, many IT technicians and engineers take short cuts to make their job easier, or cut costs.  Alternatively, others lack understanding or don’t do the necessary deep dive research on how to build secure networks.

To help you understand security administration, we look at Microsoft’s 10 Immutable Laws, and share our insights on each one.

“Security isn’t about risk avoidance; it’s about risk management.”
Microsoft’s 10 Immutable Laws of Security Administration: Law #9

From time to time, we assess networks managed by other companies, through our professional risk management audit service.  For instance, a business contacts us after a security breach.  Sometimes this result of an insurance claim or at the owners request.  Probably most of the networks were considered “secure”, right up until the day they were hacked.

Certainly, in all cases, the breaches could have been prevented by professional risk management. However, it is impossible to manage what you don’t monitor.

In short, comprehensive monitoring is not a “nice to have” feature.  Most importantly, this is a critical part of proactive system management. Consequently, do your due diligence.  Check that your IT company is providing comprehensive monitoring.  If not, you are putting your business at risk.

Therefore, if you would like a second opinion about the security of your business IT, contact us.

Share this
Eric Donn
Follow Eric Donn:

Technology Consultant

Eric Donn has a background in security and design spanning several decades, and consults on technology streamlining and security. As the founder and managing director of Sabre IT Ltd, Eric is dedicated to delivering secure, reliable and stable networks to his clients. His group of technology companies focus on developing products and services to provide clients with onsite and private cloud solutions for their businesses.