reflection-of-three-men-PXDYH77(1)
Quick Tips

5 creative ways to address gaps in IT resources and talent

In a recent Indeed survey of more than 1,000 hiring managers and recruiters, more than half (53 percent) of respondents have hired tech talent despite candidates not meeting the job description requirements. That may be a good thing for businesses in need of IT resources to fill gaps in their talent pool. While that alludes to the fact that businesses are working hard to meet their needs for IT talent in what must be creative ways, here are five of those ways that businesses can employ to fill the gaps in IT resources and talent.

Download E-book
Download E-book

#1: Training People with Transferable Skills/Hiring Recent Grads

Businesses can meet their IT needs by training people within the organization who have transferable skills: for instance, an IT-savvy employee who can learn a new computer language to meet the job requirement. Bringing interns into the organization is a perfect chance to feel out a cultural fit—their ability to learn and adapt and measure how they’d work with the existing team.

Another way that businesses can fill tech roles by turning to internal training to fill talent gaps is by hiring college graduates with two- or four-year degrees in computer science or even technical trade school graduates. This requires growing them into the level of mid-level techs who bring value, which can take a year or more.

#2: Support and Mentor Programs

Companies having a hard time finding tech talent should create a mentor program and work with more junior IT team members to put them on a skills track. The first six months of the mentor program is an investment, with team members learning new skills quickly. At the six-month or one-year point, they begin creating value for the company but still need the advice of senior leadership to grow and to avoid pitfalls.

#3: Internal Training, Certification

If you have competent IT generalists but need them to have specific training, it can pay to invest in the certification training that they need as long as they have the aptitude and ambition and are a good fit for the company long-term. The potential downside is that investing in IT personnel training doesn’t always continue to pay off, as they may leave at a certain point and take the training that you provided with them to another, higher-paying job.

#4: Sharing IT Talent with Other Businesses

Another approach that may be possible is that other, non-competitive businesses that you work with, such as vendors or businesses operating in the same building, may have part-time tech staff that you can work with and whose consulting-time costs can be shared with their employer. This may be feasible if your business is relatively small and its IT needs are basic.

It does present some drawbacks, as they may not be available when there is a problem, even though they may be on call. Other challenges are, they may be IT generalists rather than specialists, so they may not have the skills to handle more complex IT needs.

#5: Strategic IT Staffing Through Augmentation.

All of these solutions can be quite costly, and depending on your IT needs, it may be a long time before you see the return on investment at some type of break-even point. In today’s digital era, IT needs are a combination of current network and IT system maintenance, monitoring, and management. Additionally, it is about IT strategy development and implementation for technology solutions that will meet future business needs. This is true regardless of the size of your business, so with part-time IT staff or even in-house IT personnel, their skill sets and numbers may not be sufficient to effectively bridge the IT resources gap.

Gaps in IT can lead to major problems in terms of network downtime, slow business technology processes, and cyber attacks due to poor security patches and software update scheduling. With today’s deadline-driven IT demands and time-compressed project cycles, the ability to augment a core IT staff with on-demand advanced-skills professionals can dramatically increase a company’s competitive advantage.

By having an external managed IT services partner (MSP) to deal with day-to-day IT support, as well as long-term evolution, the organization can tap into highly skilled IT consultative support. The best of these MSPs provide a broad and interconnected suite of services that are bolstered by an understanding of how to develop and fulfill a defined IT strategy that is aligned with business goals and culture.

The support of an MSP can effectively bridge the gaps in IT personnel, as well as tool needs for monitoring, maintenance, security, and vendor relationships for the inevitable investments in new IT solutions. The right MSP can provide all of the specialized personnel you need, when you need them, under a set price contract that can be adjusted for expanding or temporary needs. You also get a consultant that can help you develop a sound IT, cybersecurity, and virtualization strategy to prepare your business for future needs in ways that foster agility, growth, and flexibility.

tirza-van-dijk-58298-unsplash
Quick Tips

4 ways compsec pros protect their computers

Computer and network security: Everyone knows they should be doing it better, but no one really knows all the best ways to do it. The computer security profession is a large and varied one, so — obviously — opinions vary about best practices and solutions. But believe it or not, everyone agrees on the single-most effective way to keep your computer safe in our digital era: Don’t use a computer.

Unfortunately, that’s not really practical for most people. So instead, we snooped around for what measures computer security professionals use to secure their own machines. (Obviously, one of the best measures is not to release all of your security methods, so we got the cream of the crop.) The skills and knowledge of being an expert computer security professional can take years to learn, but it’s always possible to glean a few tidbits of knowledge from the pros.

Download E-book
Download E-book

Take online security seriously and respond quickly

News outlets were buzzing after an article published on medium.com nailed Panera Bread to the wall for failing to address a massive user data breach for eight months. That breach allowed anyone to view customers’ full names, addresses, dietary preferences, and email addresses. Their IT team didn’t fix it and their leadership didn’t handle it when it was brought to their attention. That’s not exactly the example to follow.

Whether you’re speaking in terms of public relations, data security, or loss of productivity, there’s never been a more important time to take digital security seriously. You wouldn’t leave your car running in a parking lot while you went inside for half an hour, so don’t leave your (and potentially your customers’) data vulnerable online.

Update your software — now, not later!

We were actually surprised by this consensus opinion. It’s so simple, yet, we’ve all been guilty of clicking “Remind me Later” when some program wants to update. There’s a reason that software is updating: Its team of dedicated, expert programmers have patched something. Many times, it’s a security loophole or some part of the program that allows a vulnerability into your system.

With that said, do something you might never have done — read the release notes. Figure out exactly what the update intends to fix, and then head to the forums. See what other people are saying about the risks involved with the update. If you’re already behind a version, then take a moment to weigh whether or not to update to, yes, yet, another version that might also have holes. That’s what the pros do.

Remember when security experts found a flaw in High Sierra? That’s the perfect example. You might have dodged a bullet by not updating, but not without checking the news.

It may be hard to believe that one of the most important lessons of online and network security is performing software updates as soon as possible, but it’s one of the best ways to keep your computer and network safe. It’s almost always a hassle, but it’s definitely always worth it.

Be miserly with your permissions!

Every CompSec pro is privy to the basic, fundamental rule of network security: The Principle of Least Privilege, which basically asks “how few permissions can you give each user?” Yeah, needing to ask your IT team to turn on your speakers because of insufficient permissions is incredibly annoying — no one knows better than the IT team. But by keeping everyone’s permissions as restricted as possible, you minimize potential problems, including your own.

Imagine your network like a house and a hack like a break-in.

Example 1: You have valuables in every room of the house, but there are no doors to those rooms. Whether a thief breaks in through the window, the garage, or by picking the front door, they can get at everything by breaking in once.

Example 2: Every room in the house has a locked door, and all valuables are placed inside safes. If our thief gets into one room, they can’t get to the hallway and into another room, and they might not even get anything out of that room.

Obviously, it seems a little paranoid to live that way. But, let’s face it, CompSec pros are a little paranoid. Keep your “rooms” locked, put your valuables in a safe place, and when you throw a party, close it all up. In other words, administer your network with multiple user permission levels and restrict accesses carefully, based on how few permissions can be doled out.

Prepare for the worst: Do your backups

You know what the scariest part of working in 2018 is? It’s entirely possible that next time you turn on your computer, every file on it could be lost. There are hacks that hold your hard drive irretrievably hostage, there are environmental disasters that ruin your servers… even a simple burglary can make accessing your data impossible. Are you prepared for that?

Performing a backup of essential files and storing that backup somewhere geographically different from your hard drive could mitigate most security failures. There’s a lot to learn about how to keep computers and networks safe, but knowing how to retrieve stolen, lost or hacked files could be a lot easier and maybe just as important.

Update software, backup your data, and restrict user accesses – those three steps alone could potentially save you and your company hundreds of hours and millions of dollars. But in all of these examples, what you and your network security team should be asking is, “Do we even know what our company’s policy is?” These tips don’t even scratch the surface of everything there is to learn about computer and network security, but good security starts by asking questions and finding out the answers.

Last tip: With all that said, don’t feel bad if you’re doubting your company or team is doing enough with security measures. When asked, “What do security professionals do to secure their personal computers?,” almost all network security professionals have the same answer: Not enough. You can always do more, so get started today!

Via: CBTNuggets