Last quarter, DP Solutions and its staff were incredibly lucky to be able to give back to the community in time for the holidays. The feeling of giving to those who may be less fortunate, and providing even a just little bit of sunshine to their day, simply cannot be measured.
As a business professional, you want to create a strong approach to managing the risks within your organization. But there is no need to recreate the wheel. By developing good, strong habits, you can effectively manage security risks by “tweaking” your existing approach, rather than tearing everything down and rebuilding from scratch.
Here are a few fundamental ways you can protect your business:
Many organizations, especially those with a dozen or so employees, lack basic rules on Acceptable Use. It is almost as if they expect users to know what the rules are and what responsible behavior means when using company owned devices and data without formally explaining it to them. It is important that your Acceptable Use policy be extensive, direct, clear, and communicated to staff, so that there is no room for misinterpretation. While we want users to have flexibility with how they use the tools available to them, they need to be aware of what pitfalls to avoid. Simply defining Acceptable Use rules leads to better outcomes and users begin to feel they have a responsibility in protecting the organization’s technology assets.
If you have technology assets of any volume, then a comprehensive plan to proactively support and maintain the system is necessary. Even in 2019, there are still organizations that merely take a reactive approach to supporting servers, and other sophisticated network equipment, that house significant amounts of sensitive data. It’s almost as if support is a cost they wish to avoid. However, organizations that are not performing any kind of proactive management will often have high severity vulnerabilities. A security incident due to this lack of management costs them much more money and stress than an actively managed system, which has far fewer risks of a major incident occurring.
While having an Acceptable Use Policy is essential, it is also a good exercise to provide some kind of basic education to end users about Security Awareness. The goal here isn’t to create a team of network security experts on your staff, but rather give staff some information to identify what incidents they could experience, how to report to management, current trends and how it applies to the organization, and so on. We want people to avoid incidents, but also minimize the damage from potential incidents by recognizing them and responding accordingly.
Even well maintained systems will have flaws. There are so many potential vulnerabilities, both on the PC/Server level, as well as from the outside, that it is virtually impossible to patch them all proactively. New vulnerabilities are discovered regularly, and even diligent maintenance could lead to an important patch being missed due to a variety of reasons. Regular vulnerability/risk assessments should be in place so that security issues can be fixed and adjustments can be made.
In the rush to execute a new change, like replacing an end-of-life server or implementing a new application, some organizations fail to make security a part of the discussion. It’s important to focus on the workflow first. What is it about this particular change to technology that enhances or supports the current workflow? Once that is identified, the next step is to put security tools and policies around that workflow to improve risk management. In order to achieve that, we need to determine what sensitive data this new system handles, and how we want to mitigate the risks associated with it before making big picture changes.
While this is not an exclusive list of ideas and practices to minimize security risks, hopefully it provides you with a line of thinking that you can apply not just to the security risk ‘du jour’, but also to other risks that have not yet been realized by your organization and the ever changing landscape of security.
Of all the things I’ve done during my entrepreneurial career, selling has been the one constant. Ever since my first job out of college, I had to sell to make a salary. When starting my first business, I had to sell to survive. Even the first book I wrote would have been nothing without a huge selling effort. As a result, I’ve become a lifelong fan and student of great selling techniques.
My favorite technique used to be the 1-to-10 close. You know, where you ask your customer, “On a scale from 1 to 10, where do you stand on proceeding with us?” And then when they answer, you ask what you can do to make it a 10. The strategy even worked occasionally, despite the fact that it was exactly what I should not have been doing.
People resist suggestions. If you’re a smoker and I say, “You need to stop smoking – it’s bad for you,” you’ll roll your eyes and say, “Yeah, I know.” Then you’ll light up a smoke and blow it in my face. We automatically do the opposite of what people suggest.
Later in my career, I stumbled across another 1-to-10 technique, which is still the most effective closing method I’ve ever experienced. When asking people where they stand on the scale, no matter what they say, I say something like, “I didn’t expect you to pick a number so high! From our discussion and your body language, I actually thought you were much lower. Why did you pick a number that high?”
When I suggest a number lower than what they say, people naturally resist my remark and want to go higher. Now they argue about why the number they picked – say five – is not that high, and maybe even change their number to a six or a seven. But no matter what, they’re arguing in their own head over why they should go with you.
Tom Sawyer knew this technique. When he acted up and was forced to paint a fence as punishment, his buddies started teasing and ridiculing him. But he just kept painting and said, “Not just anyone can paint a fence.” By the time he convinced them that they weren’t capable of painting a fence, they began begging him to let them have a try. Only then did he let them, while he relaxed in the shade.
It’s a simple strategy, but it works. You can persuade your customers all day to work with you and they won’t bite — but get them to convince themselves, and you’re in business.
MIKE MICHALOWICZ (pronounced mi-KAL-o-wits) started his first business at the age of 24, moving his young family to the only safe place he could afford – a retirement building. With no experience, no contacts and no savings, he systematically bootstrapped a multimillion-dollar business. Then he did it again. And again. Now he is doing it for other entrepreneurs. Mike is the CEO of Provendus Group. He is also a former small-business columnist for The Wall Street Journal; MSNBC’s business makeover expert; a keynote speaker on entrepreneurship and the author of the cult classic book The Toilet Paper Entrepreneur. His newest book, The Pumpkin Plan, has already been called “the next E-Myth!” For more information, visit www.mikemichalowicz.com.
This report reveals what every business owner should know about
|Important! We hate spam as much (or more!) than you and promise to NEVER rent, share, or abuse your e-mail address and contact information in any way.|
DP Solutions is thrilled to welcome the following organizations who recently joined our family of clients:
The American Association of Colleges for Teacher Education (AACTE) is the leading voice on educator preparation. AACTE represents more than 800 postsecondary institutions with educator preparation programs dedicated to high-quality, evidence-based preparation that assures educators are ready to teach all learners.
The Halle Companies, specializes in development, construction and property management of a diversified real estate portfolio throughout the Mid-Atlantic and Southeastern United States.
My Cleaning Service offers Green Cleaning & Commercial Janitorial Services throughout Baltimore MD, Washington DC and Northern Virginia.
Patriot Capital is a family of private equity funds focused on debt capital and minority equity investment opportunities in small and medium-sized privately-held companies having minimum annual revenues of $10 million and EBITDA of $3 million.