A short story
The CEO of a successful and well-respected company shows up at a dinner party. She begins to mingle with a few friends, way too many acquaintances, and a number of total strangers as she maneuvers through the evening. After a few hours one of her close friends introduces her to Lawrence.
She asks Lawrence, “What do you do?”
To which Lawrence responds, “I’m a pilot.”
“Wow!” the CEO exclaims. “I can’t say that I’ve met many pilots! What’s it like… knowing you have everyone’s life in your control, so high above the clouds?”
“It’s certainly a rush!” says Lawrence.
In a flash, the CEO remembers an upcoming challenge that she is facing.
“Lawrence, maybe you can help me. I’m always traveling, and I usually fly in my own jet. Unfortunately, my personal pilot is retiring next month, and I haven’t yet found someone to fill his shoes… Since you have so much experience in this field, would you be interested in working with me at the end of the month? I could really use your help.”
Lawrence pauses for a moment before asserting, “I would like that very much.”
Technically a pilot…
On the surface, this appears to be the story of a good interaction that solved a problem. However, it could also be the story of a very dangerous decision.
How can we be so certain that this Lawrence is qualified to fly a jet plane? With a little more due diligence we might find that he only has a private pilot’s certificate. What’s the difference? It’s huge.
The requirements for a private pilot’s certificate are rather minimal. It takes some time and money to achieve it. But you can exit your training with the title of “pilot” after only spending a short time in the air with a single-engine craft.
The requirements for a commercial airline pilot are much more rigorous. In addition to a basic certificate, one must have instrument and multi-engine ratings, a commercial pilot certificate, some time as a certified flight instructor, an Airline Transport Pilot Certification, and over 1500 hours of flight time.
Our CEO just handed her assets and her safety over to someone unqualified to handle the job.
Have you ever been so quick to fill a need without conducting a thorough investigation?
Who is your partner for navigating the cloud?
Let’s change gears and talk about a different kind of cloud. The technology cloud.
These days there are two things in the world of information technology that are incredibly common. Firstly, there is a tremendous amount of “turbulence.” IT systems are in more danger than ever before of becoming compromised by hackers and cyber criminals. Thousands of new technologies enter the market every day, and simply choosing the new and compatible technology for your business is a daunting task. Employees in the organization can “turn rogue” without warning (or even by accident, as phishing attacks happen daily!).
Secondly, there are an endless amount of “pilots” and very few captains. Self-proclaimed IT experts are standing on every corner, looking for your signature on their contracts. Finding a truly qualified, enterprise-level technology partner is another daunting task. When you consider your own IT systems, who is in the cockpit? More importantly, how do you know what qualifications to look for?
The gold standard in information security
There are hundreds of tech certifications that employees and organizations can attain from vendors such as Microsoft, Dell, HP, and almost every other enterprise IT solution maker. They’re great for their singular purposes.
But those certifications are product specific, and a dime a dozen.
You should be looking for organization-level certifications that shine a bright light on excellence, security, and process management. A great example is the ISO 27001 certification. Considered the global gold standard in information security, the ISO 27001 certification is only awarded to organizations that have proven world-class excellence in managing the security of their own systems and data, in addition to their clients’ data.
That means an ISO certified IT company has done its due diligence to ensure that all processes, systems, and controls are in place to fly your company through the roughest storms.
Think about it… if you were the CEO in our earlier story, would you accept any pilot as a replacement to your current one? What sort of qualification would you expect to see in order to ensure your safety from point A to point B? How have you made decisions to hire information technology staff? Whether your CIO, internal engineers, or another firm you have outsourced to. Have you experienced turbulence in your information technology? How can you be certain that your company isn’t moments away from impact? You will need to trust the word of someone with experience. How much experience do you require to know your company is not in danger?
These are important questions to ask ourselves as we continue to venture deeper into the most complicated technological era in history. Thank you for reading. We admonish you to be prepared.
Please leave your comments and questions in the box below! We would love to continue the conversation.
If your IT services provider hasn’t passed ISO 27001 ISMS for security management systems, then they aren’t holding up their part of the relationship. Advanticom has, and we are 100% ITIL certified as well. No firm, small or large in Greater Pittsburgh can say the same. Maybe we should talk. Click here to open up a conversation.
Want to improve your company’s security posture? Read more here.