Security threats are ever-present. But the stakes have been raised with some states requiring agencies to implement new Information Technology (IT) policies and procedures as a mandate for state funding. In fact, the State of South Carolina issued a series of Information Security Policies applicable to all state agencies, including institutions, departments, divisions, boards, commissions and authorities. All state-supported organizations in South Carolina are required to have these IT policies fully implemented by the July 1, 2016 deadline. Other states are considering similar mandates and some government agencies, higher education institutions and not-for-profit organizations are proactively addressing their IT security.
State-funded organizations strive to serve constituents while also protecting their privacy and Personally Identifiable Information. But limited funding and constrained budgets can make it difficult for state-funded organizations to implement the new IT policies and procedures. Some organizations may be facing a looming deadline for information security and privacy compliance without the bandwidth or experience to comply. Others may be seeking to interpret and adapt the State information security and privacy framework to fit their needs. One size does not fit all organizations.
Whether your organization has the IT skills and resources to implement the new IT policies and procedures or you need a consultant to guide you, a third-party check-up may be helpful to review your IT security policies and procedures to comply with the State’s intent for information security. Beyond implementing the baseline policies and procedures, organizations should look to adopt best practices to protect against the ever-present IT security threats and gain efficiencies from these new IT processes.
We Can Help
Organizations need to think through the potential impact of the IT policies and procedures and the resources they have to support state mandates or deadlines. In light of full time employee hiring limits in some states, contractors may be a good option to bring the skilled resources they need and temporarily boost the headcount during a high-volume period. Elliott Davis Decosimo is ready with a team focused on IT Security as well as the needs of Government, Higher Education and Not-for-Profit organizations.