During the many changes that take place during a PMI project, you need to ensure you don’t leave yourself vulnerable when it comes to security.
- 40% of PMI projects introduce a security issue.1
- 70% found compliance problems were one of the most common types of cyber-security issue uncovered during due diligence.1
The merging of two companies, usually with very different infrastructures and generally with dissimilar security policies and procedures, requires careful forethought and planning. By undertaking early analysis and identification of potential risks and vulnerabilities, you can reduce your exposure to threats and ensure your new IT infrastructure is secure at all times.
Let’s take a look at seven key areas you must consider from a security perspective when you’re planning your PMI project:
One of the main areas of risk can come from workarounds that may have been put in place temporarily and not removed after Day 1.
Make sure that any provisional measures you’ve taken are then rectified and replaced.
2. Data security
The data you hold can cover everything from sensitive financial information to personal client and employee records. As well as making sure all the usual data storage areas are secure, you should include data clean-up, backups, and recovery procedures.
3. Application security
During a PMI project, you could be introducing new applications and integrating different off-the-shelf tools for the first time.
Rigorous testing should be conducted to ensure compatibility with your new systems.
4. Mobile devices
This testing should also extend to the range of mobile devices being utilised by both companies. Are the applications being used by your remote workers secure? Will security be maintained once integration has taken place?
5. Network security
Network security should cover workstations, network devices including firewalls, routers, access points and web servers. Prior to, and during, integration of your systems you must ensure any vulnerabilities are quickly detected and potentially hazardous gaps closed.
6. Architecture risks
With the merging of two companies, you’ll have diverse architectures of applications, technology and designs coming together. The infrastructural components of each should be assessed to determine any potential weaknesses or design flaws.
7. Policies and procedures
Each organisation in a merger will have its own set of regulations and compliance standards.
In a PMI situation, will one company be adopting the policies and procedures of the other? Or will a new set of policies apply? If this isn’t mapped out before integration, you could leave your organisation vulnerable to security breaches and potential fines for failing to meet legal compliance regulations.
Security should be considered from the initial assessment of an acquisition, throughout post-merger planning and during the transition. By focusing on the key areas we’ve mentioned, you can help to avoid delays and reduce risks.
By taking early action, you can ensure a smoother integration of companies and prevent damaging security breaches.
Plan for PMI success
If you’d like to know how to prepare your teams and systems for post-merger integration success and gain maximum value from your IT, contact us for a friendly discussion regarding your particular business needs on 0800 622 6719.
Source: 1 www.westmonroepartners.com/Insights/White-Papers/security-survey