In the world of risk management, we spend a lot of time preparing for the unexpected, because we know that unexpected events will inevitably occur. This mindset colors everything we do in our professional careers and often spreads to our personal lives as well. I’ve endured eye rolls from my children when I forced them to participate in fire drills, what-if disaster scenario discussions and other preparedness exercises. But I know that thinking through how we would handle a surprising situation in advance arms us with a plan of action should it actually occur.

Does your organization have a plan of action in the event of a major cybersecurity incident? Sure, you likely have an incident response plan sitting somewhere on a shared drive, but is it covered in digital cyber dust, or is it an active document that the team embraces as part of a daily routine? Regular practice helps keep your plan fresh and your team prepared to spring into action at a moment’s notice. CDW offers two services designed to shake that cyber dust off of your plan.

Cloud governance is a framework that guides how end users make use of cloud services by defining and creating policies to control costs, minimize security risks, improve efficiency and accelerate deployment. It’s imperative to have good cloud governance because it’s a foundational element to your cloud practice that provides the ability to scale and be successful.

Migrating to the cloud is an exciting journey as it provides greater flexibility to the IT teams for creating resources and provisioning them. Gone are the days when it used to take weeks and months to request resources and additional provisioning from the infrastructure teams. Cloud vendors now provide the capabilities to create resources such as compute instances plus add-on software, databases, firewall groups, storage, etc. via APIs.

The cloud-provided capabilities are very powerful and can potentially bring many inconsistencies and resource ownership issues into the environment.

Startup founders sometimes view IT as a matter for mature companies — something to worry about down the road. In fact, technology should be part of strategic planning regardless of a company’s age or size.

The right solutions facilitate growth, increase agility and strengthen cybersecurity, all of which advance business development. Conversely, technology becomes a roadblock when startups lack the time, expertise or resources to reach the most critical milestones in a startup’s lifecycle: problem/solution fit, product/market fit, monetization and scale.

The social and economic upheaval related to the COVID-19 pandemic has underscored the importance of agility and the powerful ways in which it can be enabled by technology. Startups with a solid technology foundation are more likely to possess the resilience to ride out the storm and, perhaps, emerge even stronger.

The promises of the CMDB have been around a long time. The Information Technology Infrastructure Library (ITIL) popularized the concept back in the 1980s and 1990s as a foundational element of IT service management.

The benefits are clear: having a trusted data source with a rich set of relational information provides organizations with decision-making capabilities to support more efficient operations, better user experiences and proactive mitigation of risk. The marketplace has no shortage of services, technologies and service management platforms that support and rely on the CMDB. A CMDB, and by extension, the capabilities it enables, continues to be an important goal for organizations, even more so now considering the impact of digital transformation.

The fact that compliance efforts can be challenging is no surprise to IT professionals and managers. Today’s regulatory environment is full of security and privacy regulations that place strict limits on the collection, handling and storage of sensitive information, and IT teams often find themselves responsible for the heavy lifting of compliance programs.

I recently had the opportunity to visit with a retailer that operates a large contact center to support its international chain of stores. The company was in the early stages of reviewing its compliance obligations and asked us to find ways to modify business practices to reduce the scope of its compliance efforts. After reviewing the company’s activities, we discovered a few small changes in the way the company handles information that could dramatically reduce its compliance burden. Organizations across industries can draw lessons from this experience as they seek to reduce their own costs of compliance.

The global pandemic and social distancing measures have redefined the office for many people. Industries that never would have considered allowing their office employees to work from home were forced to rethink decades of business as usual.

This change has also brought new technology needs. Since these businesses had built technology infrastructures that relied on traditional network and application architecture, a shift had to occur. Suddenly, IT departments were dealing with overloaded VPNs or having to deploy a VPN that they never had to maintain before. Compound that with the fact that users are now accessing company resources from networks or assets that corporate IT has no control over, that most home routers are still vulnerable to exploitation and that, in many cases, the network gates were flung open in the name of productivity ― it’s enough to give any CISO an ulcer.

So how can companies mitigate these risks? Now that everyone is settling into a routine and we’re adjusting to this “new normal,” it’s an ideal time to reach out to your users and talk about security.