A technology plan is designed to ensure compatibility with existing technology on the market, increase quality standards and efficiency, customer data security, information integrity, and validity, reduce cost and false starts, and above all, address the unique needs and situations of your customers. The plan should be in alignment with your organization’s vision statement, objectives, expense and budget, and the needs of the employees, organizational processes, and current technology. This includes customer systems, internal systems, proprietary and legacy systems, and operating systems.

You Security Team:
Your Information Technology Management Team should be sourced from its existing staff structure.

The team sets technical priorities, assists in decisions in technology plan implementation, and advocates for technology in the budgeting process. The team should be made up of a representative cross-section of the Organization. This will become increasingly important as your technological capacity grows and the needs of its users become more diverse. Your tech team’s training should ensure continuity that outlasts the tenure of any one individual.

IT Management Team Responsibility:
Recommends budgets.
Provides oversight of technology problems and user-related issues.
Establishes standards for hardware, software, and training needs.
Develops technology policies and procedures.
Periodically reviews the Organization’s technology plan to ensure that it coincides with the Organization’s mission.
Periodically reviews the technology-related roles of staff members to ensure primary responsibilities are not being overtaken by technology-related ones.
Determines if the scale of technology administration requires hiring for a specific role
Leads technology-related initiatives.
Communicates the Organization’s technology support expectations, capabilities, and escalation paths.
IT Technology Strategist (Chief Information Officer) ensures the continued integrity of your networks and systems, and that a Chief Information Officer’s position has been established.

The CIO is charged with the following responsibilities:
Budgeting, approving, funding and creating technology plans, policies, and strategies
Designs maintain, and reviews IT policy
Is a Member of the technology team
Makes final decisions for hardware and software standards
Approves all IT projects
IT advocates for other executives and board
Ensures IT operates in step with the strategic plan
Ensures IT operates in step with Organization’s mission

Database Manager Responsibilities are:
System maintenance
System documentation
Identifies potential IT problems and needs
Manages system upgrades, Including software and hardware
Manages IT projects such as database design and development
Works with CIO to prepare a budget or other reports as required
Manages relationships with vendors, contractors, and service providers
Conduct and lead training as required

Password Security Guideline should be as follows:
Password should not be left blank.
Password should be a minimum of 6 characters long
Password must use at least one number and/or a special character (i.e. %^!#)
Never use birthday, family names, Organization names,s or other things that are easy to guess
Users should change their passwords on a regular basis.

Additional measures to ensure passwords are not blank or set as the default are as follows:
Default DSL provider account
Firewall or router
Administrator account for network server
Administrator account for web hosting
Administrator account for email hosting
Password Protected File Sharing
System files are password-protected and can only be shared securely.

Secure Data Management Applications:
The use of secure data management applications helps to keep track of mission-critical information, such as data about customers. Your business should incorporate a client tracking database to further secure clients’ information.

YourCompany.com Domain
Critical aspects of the domain should have SSL protection to ensure added security layer to your data and that of our customers.

Payment Gateway:
Your Shopping Cart System guarantees the safety of our clients’ information by providing the following:
Protects cardholder data
Maintains a vulnerability management program
Implements strong access control measures
Regularly monitors and tests networks
Maintains an information security policy
100% PCI/CISP compliant (Among the first to be fully certified by Visa)
Provides Secure HTTPS/SSL encryption
Provides Password-protected administration login area
Provides Time-limited access for clients to download digital products which prevent copyright theft
Provides SPAM checker for emails

Your Organization-wide Backup Systems:
Your practice should have an organization-wide consistent and redundant backup system that’s made up of backup drives with a designated backup manager. The system backs up all system files and data to avoid the risk of losing important files and programs. This involves an automated backup scheduling system that backs up the system’s data at predefined intervals on a daily basis. Independent software programs and systems are routinely backed up and redundantly duplicated and hosted remotely to prevent the risk of data loss in the event of natural disasters such as fire, flood, etc.

Encryption:
SSL Encryption is provided as part of your added secure server layer data protection technology for the safety of our data and that of your customers.

Firewall Protection:
As part of the overall organization-wide protection measures, a firewall helps protect computers by preventing unauthorized users from gaining access to the systems through either a network or the internet.

Comprehensive Server-based Virus Protection:
Your virus protection program generally works together with the Firewall program to help protect the systems. Antivirus program helps protect against viruses and other security threats that can try to sneak in maliciously.

Network Security:
Your company’s network security measures should include setting up a Virtual Private Network. VPN provides a secure means of giving multiple users access to your network from any point on the Internet securely.

Email Protection:
To ensure secured communication via email, your business could deploy Microsoft Exchange Server to help apply and enforce broad sets of security blankets across your email communication structure.

Technology Plan Summary:
Overall, your business technology systems, capabilities, and management processes should include redundant server systems, computers systems, secure internet connection, and policies on information access, usage, and distribution, file sharing and organization, email and internet usage, password security, licensing, usage guidelines, data backup systems, antivirus programs, network integrity, and customer protection measures and systems.