Is Your Buffalo IT Company Conducting Regular IT Assessments?

no image

Businesses of all sizes often leave themselves with unnecessary data security risks simply because they aren’t aware of how much information they have that needs protection. At Buffalo Computer Help, we encourage our clients to conduct regular IT inventory assessments as an important preemptive step towards securing information from hackers and other would-be cybercriminals. IT inventory assessments are about compiling a list of data access in your company.
The IT inventory list can be broken down into three main topics:

  • What data your business has
  • Who can access your data
  • Establishing how your organization manages data access

It’s easy for a small-to-medium business to have a relaxed attitude towards IT security because criminals historically tend to go after large organizations. As a result of many high-profile hacks, larger corporations have put in the effort to bolster security to make themselves significantly harder targets. Because of this change, cybercriminals who used to target large businesses are now starting to go after comparatively easier to target SMBs because they haven’t invested as many resources in security.

Identify Your Company’s Data

Before your business can protect its data, you need to determine what data you have. This may sound easy at first, but determining where all your information is stored can be a very long process and it’s easy to overlook places your information might be hiding. Create a list of all places you have data stored while keeping in mind these places can be physical and digital.
Some common places you have data stored include:

  • Computers
  • Local Servers
  • Cloud Storage
  • Tablets
  • Mobile Devices
  • Back-ups
  • External Hard/Flash Drives
  • Online Service Accounts with Login Credentials
  • Email Accounts
  • Applications
  • Building Access Management

When compiling your list, be on the lookout for “Comatose Servers” and other data storage that exists, but is no longer in use.

Determine Who Has Access to What Data

The next part of the process is to compile a list of everyone who can access your business’s data. Then, establish who on that list has access to what data under what circumstances. Finding people employed by your company is the easy part, but keeping track on anyone outside your company who has access to some information is more difficult to track and arguably more important to keep tabs on. Giving external groups access to your business’s information creates additional risks which require extra management attention.
Your list of people may include:

  • Employees
  • Business Partners
  • Contractors
  • Third-Parties

Establish and Implement Access Management Policy

The final part of the process involves determining how data is handled and protected. Your business can use the lists to establish who has access to specific data and under what circumstances that person is allowed to access that information. With the collected information, your business can implement methods of controlling, managing, and tracking access privileges on a case-by-case basis. Managing access may involve running access control software, removing account access when employees quit, and enforcing access policies. Controlling access can be an incredible tool for preventing information leaks from both accidental and deliberate actions.
An IT inventory assessment is primarily a planning process that makes implementing other practices easier. Businesses will see the benefits of conducting an IT assessment immediately; however, the assessments need to be run on a regular basis to keep up-to-date with changes. Your list will likely be sizable, so using a secure, group accessible spreadsheet like a private Google Doc can be an easy option so multiple employees at the company can work with it simultaneously and everyone always has the most recent version. The information your business gains from an IT assessment will make it easier to implement security practices, pinpoint areas where your business needs to improve security, and identify breaches if they occur.


We’re ready to help you see how the right IT solutions can transform your business.

We’re ready to help you see how the right IT solutions can transform your business. Contact Globalquest today to learn more about what we can do to help you pursue your goals.

Call us at (716) 601-3524 or send an email to

Book your complimentary consultation today

GlobalQuest will never sell or rent your contact information. Your info is secure with us.