IT security is not a new topic, but corporate awareness of its presence (or lack thereof) is at an all-time high. Not a day goes by that I don’t see a headline somewhere related to stolen data, hacked company computers, or leaked private information. When Sony’s Playstation® Network was hacked, losses of around $24 billion were estimated. Then there were security breaches at Citigroup or Lockheed Martin. Both were industry giants with bolstered defenses, and yet fell victim to stolen confidential information. It seems no one is safe, but does obscurity or anonymity still qualify as protection for your small organization?

A few weeks ago, I was sitting in a boardroom with a couple of partners at a smaller private CPA firm and the topic of their network security came up. Mind you, these two gentlemen had a basic knowledge of technology like most business owners, but they couldn’t understand why buying and installing a firewall was so important. A firewall! The most basic of network security devices, and here I was trying to justify such a basic, yet mandatory investment for any business, let alone a financial firm.

It was a confirmation of a truth that is common regardless of the size of the company. That truth is simple: most business owners have a hard time appreciating or valuing technology unless they have experienced some form of technology-related pain. That pain can be data loss, bad support, frustrating software…etc. Whenever I meet with potential clients, one of the questions I ask at the beginning is “Are you ‘tech-savvy’ or ‘tech-strategic’?” This sets the tone for the direction we recommend.

Technology dependent – This is more common among small private companies. Your business may depend on your computers and networks, however your decisions regarding technology are often reactive and cost is often the most important factor in whether or not to continue. The inherent problem with technology-dependent businesses is a lack of invisible efficiencies and super-high risk factors. Time and productivity are often overlooked as business assets. These are some common factors in companies dependent on technology:

has. Computers are older (4+ years) and sometimes even beige or off-white (a sign of age).

b. Few important proactive tasks are being performed, such as testing backups, patches, and risk assessments.

vs. No guidance on how to leverage technology to contribute to profits or increased productivity.

d. The company still pays someone to fix things when they break by the hour.

me. There is little or no security on the network.

Strategic Technology – A company that has seen the true purpose of technology and allowed itself to do more is strategic. “More of what?” You can ask. It can be more productivity, more efficiency, more income and/or happier staff. The companies I work with that are “tech strategists” appreciate what technology can do for them and are not resistant to change. Here are some factors that make up a strategic technology company:

has. Computers are maintained (optimized, clean, and typically less than 3 years old).

b. Network operations and security are actively monitored.

against There are security policies in both hardware and software.

d. There is an IT budget and it is fixed.

me. The IT solution is a regular topic in your business planning meetings.

If you want growth in your business, confidence in your IT security, and the best return on investment, you need to find ways to start moving to the strategic side of the spectrum. It won’t happen overnight, but the process needs to happen or you risk falling behind your competition.

Where do you start? You need a trusted technology resource, whether it’s a friend, your nephew, your executive assistant, or an established IT company. Just as your clients trust you for the best professional financial advice and guidance, you should expect the same in terms of technology advice from a trusted technology partner. With that said, take a look at this list of tech products. If you don’t have these 10 items in place, you should seriously consider implementing them:

– Documented and tested backup process both on-premises and off-site. You should receive regular reports of these backups.

– Network security policy (passwords, data access, acceptable use policy are examples).

– Basic alerts when there is a failure in your critical systems, such as a server or email.

– Firewall

– Anti-virus and anti-malware software

– Antispam for email

– Data and email encryption

– Regular maintenance of computers and networks.

– Secure wireless access

– Internet filtering

Implementing the above technology solutions can help your business reap the benefits of becoming a “strategic technology.” An IT company with certified engineers can develop a strategic and tactical plan to ensure that you are getting the most out of your technology.