How much should we spend on securing our I.T. infrastructure?

Updated: Oct 8, 2019

This is a very common question that we hear from our clients all the time. You can literally spend hundreds of thousands of dollars employing the latest in managed firewalls, anti-malware, etc. However, as you spend more, this follows the law of diminishing returns - i.e. the first thousand will bring you from zero security to 75%, but the last thousand may only bring about a 1% improvement. So where to draw the line?


We always recommend that backup and restore capabilities be implemented before any spend on security. In other words, let's first focus on restoring from a potential attack before focusing on preventing the attack. Local backups, cloud backups, virtualization, etc. can all be employed to assist in the backup/restore scheme.


Thought of another way - large corporation like Citibank, Yahoo, Visa & Mastercard have all suffered data breaches, and they spend millions on I.T. security. Are you willing or able to outspend them? In addition, society is getting used to this almost-daily occurrence and thus it's not the PR-spectacle that it used to be and unlikely to affect your revenue significantly. Data loss on the other hand, will most definitely affect your revenue.


So focus on data backup first and have a regular test/restore procedure in place to verify. Then once it is all set, spend on security to whatever your budget allows, and don't lose sleep over it.

15 views

Recent Posts

See All

Social Scams

We received a call recently from someone whose 80 year old mother was involved in a "love scam" - to the tune of $100,000. As good as we are at I.T., unfortunately, nothing could be done to help reco

Working from Home during a Lockdown

With the recent Lockdown due to COVID-19, we are receiving a lot of calls from clients needing to re-jig their business model for a work-from-home (WFH) environment. Here are some tips to help you ma

Beware of Phishing Scams

What is Phishing? Wikipedia defines it as this: Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a tru

© 2019 BY ALLTECH SOLUTIONS INC.