WK4 DQ

Wk4 430 dq2 100-150 words

What would you consider to be one of the major challenges when implementing a security program into a small-medium sized organization (SMB)? Explain.

REPLIES 75-100 WORDS

A Destiny Carlisle

Hello Class,

Well, many small- medium business have to make sure that they plan not only for what market they are targeting but the long and potential growth. They risk, by having to use their resources and have to guesstimate the need of spending for the products they need to make sure they can meet demand and stay afloat. So, the main for any business is getting the funding and building the brand. With the Covid-19 impact a lot has changed and some companies that start out 5 or 6 years ago are not getting more headline than they have ever seen, which has companies such as Palo Alto hiring consultants to market their product due to the increasing demands of online shopping. The average mindset of an SMB owner is made sure they are available in some way shape or form for 24.7 assistance to their clientele, this makes it difficult because threat requires staffing and them having to make sure they are able to keep to that commitment and not just use the bots as the 24/7 support. The financial restraints can range from hardware to software upgrades to stay current with all the necessary security patches. The costs of upgrading software can be very costly and to keep the company profitable, other things are considered critical like the product development or marketing

B Olatunbosun Osifowode

Hello Class,

Although large organizations tend to have more problems than the smaller organizations, the small organizations that have anywhere from 10 - 100 computers and the medium size organizations that have 100 - 1000 computers still face major challenges. These challenges include having just one security professional within the smaller organization stemming from their smaller budgets. This requires the security administrator to be a jack - of - all - trades (often also playing the role of Systems Administrator and / or Network Administrator) and they often turn to freeware and opensource software to lower the cost of security. Security Trainings and awareness is a challenge because it is often done on a one - on - one as - needed basis. According to InformationWeek, this security administrator should be separate from the IT department because the one who implements security and the ones who watch should not report to the same person because of conflict of interest. Therefore, in medium - large organizations, InfoSec functions can be distributed among specialized groups of staff, while smaller - medium sized organizations must carry out these functions by all members of the department (Whitman & Mattord , 2016).

C Autumn Keen

I think the first thing that comes to mind would be resources (whether it be financial or personnel).

Trained personnel - Are they equipped with the correct training to implement the program correctly and safely.

Correct Hardware/Software - Does the company have updated software and hardware? Can it support a security program that tailors the entire company and protects all assets and employees.

Finances - Does the company have the money to support a program and it's personnel as well as support it year long. I think these would be at the forefront of any mindful businessman/businesswoman. Looking at PNLs (Profit and Losses) and if the company is capable of taking on the program with the correct personnel and devices. As well as forecasting for any future expansion, issues that may come up and so on. It can be done but must be done correctly and fiscally smart.