IT support and security considerations in 2014

Windows XP support

In early April 2014, Microsoft will cease support for Windows XP. Thereafter, there will be no more security patches, non-security hot fixes, paid or free support, or online technical content updates. This has huge security and compliance implications for businesses that still use this operating system. The potential for cyber attacks is much greater, and for those organisations that pursue custom support elsewhere, the costs are likely to be high.

Such companies must take action and move to a supported operating system such as Windows 7 or 8.1, and this also gives an opportunity to explore the feasibility of virtualisation and cloud computing to see if they would be of benefit. Such migration has support implications for the IT department, including deployment, training, and troubleshooting.

Virtualisation and Cloud Computing

Virtualisation allows an organisation to use one physical server to run several individual computing environments and is fundamental to cloud computing. Conversely, providers of cloud services have many servers as they cannot afford to have a single server for each customer. Instead, they virtually partition the data on the servers so that each client works in a separate instance of the same software.

In an enterprise network, virtualisation and cloud computing are often used together to create a private cloud infrastructure, another growth area. As more and more companies see the benefits of private cloud computing, this also raises information security issues. Moving sensitive data to the cloud can be problematic as data about individuals may be personally identifiable and therefore needs adequate protection. There are also compliance issues if companies do not provide such privacy for their customers, including penalties. If customers become aware of failures in data protection they might take their business elsewhere and the company?s reputation will suffer, possibly irrevocably.

BYOD (Bring Your Own Device)

Employees increasingly bring their mobile device/s into work or use them off site for business purposes, and these pose both an internal and external threat to the organisation. For example, as the boundary between work and personal data becomes more blurred, such information could potentially be held in an unprotected manner on personal devices. Untested and poorly implemented applications used on personal devices can also be vulnerable to exploitation.

Mobile devices can be targeted not just for any data stored on them, but also for the systems and services they can access. Users therefore need to be educated about the potential dangers so that they are more vigilant over the applications they install and the networks they connect to via their tablet or smartphone.

Mobile working

More and more employees work at least some of their time out of the office, either from home, or whilst on the move. Such employees have different support needs in accessing data and services remotely. They can also pose a problem when needing technical help for a non-functioning machine which requires attention.

Remote users can also present support challenges in the applications they use. Some may be available on the network and accessible from off-site, but others they may have downloaded. Interaction and integration between such applications can be a difficulty, and there can be conflicts which can negatively affect productivity and be a security risk.

Social Media

Social media such as Facebook and Twitter provide new marketing opportunities, attracting new customers. Using such technologies properly and troubleshooting when things go wrong is a growth area in terms of IT support.

It is also predicted that cyber crime will become increasingly prevalent on social platforms in 2014. Users need proper guidelines which must be adhered to. IT personnel also need to be trained to recognise the risks that social media present. In addition, the privacy settings on such media should be locked down and managed at the highest possible level.

Cyber Crime

With the growth of internet use and social media interactions, cyber crime is a growing problem. Organisations need to be prepared for the unpredictable. Not just those criminals whose aim it is to steal identities or for financial gain, but also for those who deliberately aim to cause disruption, and even to ruin a business. Investing in some kind of resilience is wise in order to minimise any possible impact of the unforeseen.

Most organisations depend on the internet and as hackers become more sophisticated, this is a security risk. Already researchers have been able to demonstrate that attack is possible against such technology as smart televisions, security cameras, and medical equipment.

Organisations need to be aware of the risk and take the potential vulnerability into account when connecting gadgets to the internet, devising preventative measures where possible.

Changes in ways of working, systems, information management and collaboration, together with new technologies offer many benefits for organisations. However, they have implications for IT support and security. IT personnel need to be adequately trained to provide such support and to be aware of security risks. Policies and practices need to be reviewed or implemented so that all users are aware of boundaries and limits on personal devices, applications, data access, and security.