Skip to content

Insights

Security Implications of Staffing and Supply Chain Shortages

If your company is not one who has felt the impact of staffing and supply chain shortages over the past 2 years, consider yourself lucky. A recent CNBC survey reported that half of all workers say their companies are understaffed. A February poll of electronics companies conducted by ElectronicDesign found that only 13% said their inventory levels are improving. Electronic product shortages continue due to lack of semiconductors and other components. While staffing and supply chain shortages can affect various areas of your company from overtime to higher materials costs, have you considered the security implications that these two shortages can cause?

Shortages of experienced IT workers can have a serious impact on your company’s security. They disrupt technology projects and could create a barrier to the adoption of emerging technology needed to maintain strong cybersecurity for the company and the increased volume of remote workers. Perhaps as important as the software side is lack of staff to build and support digital infrastructure and platform services which have grown significantly since the beginning of the pandemic. Finally, the ability to convert to or implement the cloud technologies that have seen a sharp increase in usage as a result of the continued remote work environment are also affected by the lack of strong and sufficient IT labor.

The shortage of chips and other electronics components has made even finding a laptop for a new employee difficult as the lead times have grown and backorders are common. There are shortages in almost every major network device category. The inability to obtain the necessary equipment to upgrade or implement new software and platforms reduces the level of security your company is able to put in place.

In a world where your company might need to make do with an understaffed IT department and lack of equipment, it’s necessary to prioritize the most important security options you can accomplish based on the level of technical expertise and equipment your company is able to obtain. There are some simple but effective security measures that your company can implement:

  • Enable multi-factor authentication
  • Enable strong group policy controls around passwords and logons
  • Install antivirus protection
  • Maintain up-to-date patching
  • Encrypt devices
  • Update policies and procedures, and train employees on the dangers of unknown websites, downloads, and emails
  • Perform frequent backups
  • Enable alerts for any system and monitor

If your company currently undergoes an annual SOC 2 audit, you are probably already aware of many of these tips. If you are interested in more information about obtaining a SOC report or having an IT Assessment performed on your entity to identify vulnerabilities, please contact us. M&A has the expertise to assist you with these projects and answer your IT Security questions.


About the Author

Lynnanne Bocchi

Lynnanne joined McKonly & Asbury in 2018 and is currently a Director with the firm. She is a key member of our firm’s System and Organization Controls (SOC) Practice, preparing SOC 1, SOC 2, and SOC 3 reports for our clients. She holds the… Read more

Related Services

SOC & Technology Consulting

Related Industries

SOC & Cybersecurity

Subscribe to Our Newsletter

Related Insights

View All Insights
  Contact Us