infoTECH Feature

October 12, 2015

5 Security Issues CIOs Must Consider Before Implementing New Technology

By Special Guest
Richard Smullen, CEO of Pypestream

The influence wielded by a CIO on a company has greatly increased in the last 5 years. Cloud-based computing has shifted the power from the IT department into the hands of the end users - either employees or customers. This shift in power has increased the risk of security issues, particularly when implementing new technology platforms. As other senior level executives look to add new digital products that support users on the customer and employee level, it is critical to keep the CIO’s 5 main concerns top of mind:

1. Verify users for authentic communication

New communication platforms must demonstrate that significant measures are in place to ensure that users are validated in the sign-up process and during ongoing use. User verification is becoming particularly critical as advances in in-app payment technology and its prevalence become widespread. When products store users’ credit card or banking information, then the financial risks are magnified and it’s vital to the product’s success that the processes to verify users on both ends are comprehensive, extensive and secure.

2. Privacy is everything

End-to-end encryption ensures the safety and privacy of all information and data sent between employees/businesses and their customers. This is particularly relevant for new communication technology. CIOs are attuned to the risks of IP theft when information is shared across messaging platforms. So while a product may revolutionize how organizations communicate, if it doesn’t achieve that revolution via secure channels that employ industry standard security measures, no CIO should consider giving it the green light.

3. Secure your mobile platform

A big part of the CIO’s role is determining how the increased use of mobile negatively affects a company’s risk profile, particularly in relation to data security. Platforms that limit the amount of data stored on a mobile device can mitigate this significant risk when mobile devices are lost or stolen, so CIOs opt for platforms that limit the amount of data stored on actual devices. CIOs should choose new technology that utilizes secure cloud-based storage for files or attachments, and that only stores data on a device when completely necessary.

4. Cloud-based security

Of course, using the cloud brings its own security issues to consider and all efforts must be made to only use technology with the most secure cloud service and security infrastructure. As a general guide, these five questions should be considered before implementing any data storage on the cloud:

  • What are the risks associated with losing data?
  • What procedures guarantee availability of information?
  • How does the CSP (News - Alert) comply with any necessary regulations?
  • What disaster and recovery measures are in place?
  • Is confidentiality ensured?

No matter how revolutionary a product or technology platform may be, if it fails to address these basic questions it poses a serious risk to company information.

5. Secure by design

Most CIOs recognize the cost of implementing services before considering the security implications. The costs associated with adding security features ex post facto may ultimately be many times greater than the initial cost of implementing the system itself. Before any new platform is implemented, the CIO should be stringently assessing whether it was designed with security first in mind, or whether security and business functionality was an afterthought. Obviously, any products that fall into the latter category can pose a serious risk for the company.

As executives at companies look to implement new technologies in their organization, they must understand how their CIO determines the impact in these keys areas. Without taking these into consideration during the research process, the next technology that they want to implement at their company can be just as easily nixed.

Richard Smullen is the CEO of Pypestream. He previously served as co-founder and CEO of Genesis Media LLC, a next generation multiple media, real-time video advertising platform.




Edited by Kyle Piscioniere
FOLLOW US

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers