Common Questions Your Doctor Asks That Your IT Support Should Be Asking To Improve Your IT Security
With back-to-school doctor visits finished and flu season just starting, I’m reminded that good IT Support should be like your trusted family doctor. When you go in for a checkup at your doctor’s office, he or she asks you a variety of questions to identify whether there are any problems and then determines the root cause if there is a problem.
Whether you call on the doc to confirm that you’re healthy or to get his or her opinion on a health issue, you are kept updated on how to maintain or improve your health. IT support should be doing some of the very same things when it comes to your Network Security. But for IT Support, you should expect much more frequent ‘checkups’ than a doctor requires.
Many of the questions a doctor will ask you are exactly the questions your IT Support should be thinking about.
What are the things your doctor normally asks you?
The questions can most assuredly—at least in the broadest of senses—be applied to your IT Support and network security. Just to name a few common ones:
Are you exercising? Are you eating foods that are good for you?
Exercise and diet are key components to maintaining a healthy body (or at least that’s what nurses and doctors tell me). If you eat only greasy and sugary foods, your body is probably not very happy with you. The doctor may give you some steps to improve your physical activity levels or modify your current eating behavior to prevent or course-correct chronic conditions.
IT Support should be monitoring your network for problems such as unexpected traffic, aging hardware and suspicious activity, and making sure security patching is maintained (for more details on patching in particular, see our recent discussion). Wouldn’t you expect your IT Support team to understand how your network looks on an average day so they can pinpoint irregular events (security breaches, failing hardware, malware or malicious user activity)?
Like a doctor, your IT Support should routinely evaluate your network, identify areas of concern and determine a resolution to fix any network security concerns.
Are you getting sufficient sleep?
Every time I get a physical or examination, the nurse or doctor asks how much I sleep (sadly in my case, I’m often scolded for not getting enough Z’s, but running an enterprise-level IT company is frankly something I keep top of mind day in and day out).
Doctors normally ascribe sleep deprivation to risks of stress, which may trigger all sorts of chronic conditions.
In IT, your support team should be monitoring for stress on your network to prevent outages, downtime and failures. Monitoring for network issues and identifying solutions to ameliorate those conditions or user symptoms has to be a key component of an IT Support team’s routine. Often, IT Support teams consume all of their time focusing on symptoms and devote little time to strategizing your business’ security and resolving chronic problems.
Are you avoiding bad habits?
Doctors always seem to key in on bad habits—maybe smoking, drinking too much, taking too many aspirin to relieve chronic pain—it seems like there is almost always something that a doctor is looking to improve.
IT Support should be looking at bad habits, too. Your IT Support should be training users on security best practices. What information is safe to send via email? How can your users easily identify a phishing scam? What are the biggest schemes criminals are using to get into your network this week? Your IT Support should disseminate this type of information when they are working with your users.
The Biggest Problem With IT Security
More often than not, IT Security loses focus on the security issues that we critically need to address. And these very basic questions the doctor often asks us to ensure good health also apply to our computer networks. Business owners concerned about keeping their businesses secure get an IT security “check-up” to understand if they should worry about the latest data breaches.
An IT checkup is very similar to a doctor’s visit and should address similar major concerns to those your doctor may have.
A doctor is there to help you understand what you need to do to keep living healthily. Essentially, he or she is taking an acutely complex system—your body—and explaining what specific parts need more attention.
You may notice symptoms and may have concerns when something doesn’t seem right—maybe you have a rash, a cough or feel a pain, but the doctor is the one to comprehensively evaluate your situation to come up with a diagnosis and a resolution plan. It might be as simple as a few cough drops or as complex as neurosurgery.
Your IT Support should be acting like your doctor. Your support team should specifically be asking very pointed questions when it comes to your IT Security.
While your doctor routinely checks very specific aspects of your physical health—blood pressure, body weight, height, blood tests—so too should your IT Support be evaluating your business’ network routinely to understand and correct issues to protect your business data.
And just as your doctor has a plan of attack to address health problems, so too should your IT Support.