Chris Ecker, chief technology officer at DelCor Technology Solutions, explains the give-and-take of IT security and why organizations might have to sacrifice some freedom and flexibility in how they work to be more secure.
What is the balancing act when it comes to IT security?
Anytime you're looking at the overall security configuration on a network, when you're trying to make things more secure, that typically means you're going to be locking things down more, so to speak.
People may not have as much freedom or flexibility, [and] that can sometimes lead to frustration. That's the balancing act: You need to make things more secure, but there are going to be some rough patches for the staff.
How can associations ensure better security without the frustration?
Like a lot of other things when you're looking at change within an organization, the leadership has to be on board. They have to get behind the recommendations that the IT group is making related to security.
Then you can start to make policies and educate the staff before you make changes. Communicate about what's going to happen and why it's going to happen. If you just start locking things down, people are going to feel threatened, like they've done something wrong.
What advice do you have on implementing tighter security?
As an organization looks to implement more security, just like a lot of other things in IT, you need a plan. Approaching it as a specific initiative, as a project, helps. And from the technical perspective, there are third-party tools that can help with something like locking down a system that IT administrators can use to help manage workstations and desktops and laptops.
[This article was originally published in the Associations Now print edition, titled "Balancing Act."]