The National Association of State Chief Information Officers has analyzed IT support services needed by government and non-governmental organizations in a bid to identify security services considered essential. The final report, released last week, points out 12 areas of IT services considered "core”, or essential. Slightly more than half of these relate to overall organization as well as risk and compliance issues; the other seven are closely tied to operational security concerns.
Businesses and governmental organizations can use these 12 indicators to help them evaluate their current tech services plans and should consider them as they move forward into an age where managed services will play an increasing role in the delivery of IT support.
Non-Security Core Needs
The core areas of need that are only tangentially related to providing information security include secure engineering of systems, coordination of overall program management, employee training regarding information systems, maintaining IT continuity during times of disaster, and validation of compliance controls including verifying the proper function of programs that provide security measures.
Core Security Needs
In the area of security, core needs include threat management, security monitoring of physical company assets such as network infrastructure, information security forensics to limit damage from malware incidents, provisions to maintain boundary defenses that will divide the network into separate areas with different access levels, provisions to maintain end point defenses to secure data on systems that must regularly make contact with the world wide web or other untrusted interfaces, and programs to provide management of access and trusted identities. A final core need was for physical security of infrastructure.
An IT consulting company like iCorps can help you ensure that your organization has the right tools to address all of these concerns - call us today at 1-888-642-6484 to learn howt og et started!