Why We’re Drawing the Line at Responsible IT Architecture


Responsible IT Architecture (definition): the IT controls and products that every company must have to handle their baseline cybersecurity and productivity needs.

If you’ve been in sales conversations with Integris lately, you may have heard us talking about the idea of a “Responsible IT Architecture” framework. You may have even heard us say we won’t work with a client unless they (a) have Responsible IT Architecture already in place or (b) commit to working with us on implementing it.

It’s a strong position to take, telling a client that we won’t work with them unless they have a specific set of controls and systems in place. But follow my logic here.

Would you ask a car manufacturer to sell you a car without a seat belt?

Of course not. You can’t buy a shiny new car without the basic mechanisms to keep you safe when things go wrong. Responsible IT Architecture is a lot like that. It’s a systems philosophy and suite of products that build a baseline of protection for your company.

So, as you might imagine, Responsible IT Architecture is the one thing we won’t ever do without. It’s the heart of our commitment to our clients, after all. But before I get into how it all works, let’s get specific about what Responsible IT Architecture really is.

 

What Does “Responsible IT Architecture” Mean to You?

 

Responsible IT Architecture is our own term. While every client’s baseline for “responsible” will look a little different, some common denominators apply, no matter what kind of business you run. At a minimum, you should:

  • Protect your networks with firewalls and proper authentication
  • Have a bulletproof disaster recovery plan and platform
  • Continuously patch, monitor, and remediate vulnerabilities in your system
  • Have a way to filter out bad actors and code trying to interact with your systems

When evaluating a potential client, our team looks at how well your company is executing on these core controls. We look to see if what you have is adequate for your company’s current system needs and the usage you can expect in the future. Then we find the gaps and offer suggestions for what upgrades you’ll need.

What kind of products help you create a “Responsible IT Architecture” framework? For some clients, that may mean adding a few new services to the ones you already have. For others, it may mean transferring over to a larger package of new security or backup products. Let’s take a closer look.

 

The Integris Approach to Responsible IT Architecture

 

Whether you’ve signed up for a managed service plan with Integris or you’re coming to us for a la carte services, we’ll ensure your company has these eight things in place:

 

#1—A Strong Firewall

 

Nearly everyone has some kind of firewall. But is the protection it provides up to industry standards? Can it handle your current user traffic? Is it tuned to filter out current threats? We’ll make sure it is.

 

#2—A Backup Solution that Covers Your Business Needs

 

It’s not enough to have one or even two levels of backup. You need a backup that balances cost with your recovery needs. We’ll ask you two questions:

  • How long can you go in an outage before it becomes a mission-critical crisis? (your Recovery Time Objective—RTO)
  • How much data can you lose before an outage affects your bottom line? (your Recovery Data Objective—RDO)

Some small companies might be able to have a six-hour outage and lose ten percent of their data, yet still come back from that with few consequences. Other companies, like a law office, might not be so outage-tolerant. If their high-value consultants were sidelined, their firm could have massive losses in billing. A breach could cause a devastating loss of protected client data, too. We’ll help you calculate your recovery time and data objectives regardless of your industry or outage tolerance. Your backup solutions should always suit your budget and usage needs.

 

#3—Security and Content Filtering

 

When bad links get through your firewall, security and content filtering will be your next layer of defense.

A tool like this is essential for every company. After all, it’s easy for an employee to get fooled. For example, they may type “Faceboo” into their browser, not realizing their spelling error. The prompt directs them to a website that looks exactly like Facebook, so they type in their ID and password without thinking. By the time they’ve realized their mistake, a hacker has all their credentials. A security and content filtering tool would have prevented the employee from getting to Faceboo.com in the first place by issuing alerts and warnings.

 

#4—Endpoint Protection

 

Endpoint protection protects all your devices with a super-smart anti-virus system. There are various levels of endpoint protection products. However, we recommend our next-generation solution, which uses artificial intelligence to learn each employee’s usage patterns. When behavior on the computer looks unusual, endpoint protection flags it immediately. Every business needs this kind of modern, anti-spam gateway.

 

#5—Multi-Factor Authentication (MFA)

 

For most companies, MFA means users must offer a password to get into their system, followed by a token of some kind. This token could be a verification sent to a cell phone app like Duo, a fingerprint on your computer’s keyboard, facial recognition, or any other passwordless option. With more employees working remotely, this has become even more important. Cloud applications like Microsoft Office must be secure and accessible to your staff, no matter where they are. Multi-factor authentication makes it possible.

 

#6—Least Privilege Access

 

The best way to safeguard your data is to have it available on a “need to know” basis. Data authorizations should be layered, so that only registered users who need the information can see it. This ensures that if a bad actor gets through all your levels of protection, they won’t be able to run loose in your system with blanket admin credentials for all your data. We help you set up your systems with this intelligent, credentialed access in mind.

 

#7—Effective Patching

 

Patching is not an “every once in a while” endeavor. Someone should be installing incoming patches quickly and continuously, day and night. Otherwise, hackers can use the window before your fix to infiltrate your networks. When we work with a client, we evaluate whether their business is properly patched and create a patching protocol that’s up to industry standards.

 

#8—Up-to-Date Software and Hardware

 

We understand that not every company can replace their hardware and software whenever the next trendy new thing comes on the market. However, we can’t work with a company that holds onto their equipment for so long that their devices no longer qualify under a manufacturer’s warranty or service plan. This kind of penny-pinching is risky for your company and, by extension, us. We want our clients to be covered, always.

 

#9—Email Security

 

Email is the front door of your organization, and the first place hackers come knocking with phishing and social engineering scams. All it takes is one slip from one employee to unleash a virus or malware in your systems. Why leave it to chance with weak email protections? We always recommend the strongest email protections that meet all the standards from NIST, cyber risk insurers, and other regulatory bodies. This means incoming emails will be scanned for known bad actors, dark web or unsecured links, and much more. Suspicious emails are quarantined in a secure, off-site cloud environment where they can be remediated appropriately. This cybersecurity tool is critical, no matter what the size of your organization.

 

Responsible IT Architecture: The Key to Meeting Today’s Challenges

With these “seatbelts” in place, we’re confident that we’ll be able to elevate the effectiveness of all the services we provide for you and deliver on your expectations.

Does this sound like a lot of requirements? It is. But these backup and safety protocols represent the modern standard for IT operations. Companies risk a lot when they ignore these safeguards. The threats aren’t just the hacks and outages. Cyber risk insurers will ask for proof of these protections before they issue you a policy. Potential clients (especially those from the government) will ask to see documentation around these security tools—before you can respond to their RFPs.

In today’s complex IT landscape, staying safe is the wise business decision to help your company thrive. Let Integris, and responsible IT architecture, help take you there.

Kris Laskarzewski is Chief Product Officer at Integris, handling our vendor relationships, product package development, and general implementation across our organization. For more about Kris, read his full company bio.
