IT Security – are you covered?
Under the Data Protection Act, you have responsibilities to protect the personal information that you and your staff collect and use. This includes a requirement to have appropriate security to prevent it being accidentally or deliberately compromised. Breaches of data protection legislation could lead to your business incurring a fine – up to £500,000 in serious cases. The reputation of your business could also be damaged if inadequate security contributes to high profile incidents of data loss or theft.
So what can you do?
Assess the threats and risks to your business – with a clear view of the risks you can begin to choose the measures appropriate for your business.
Get in line with Cyber Essentials – boundary firewalls and internet gateways, access control, malware protection, patch management and software updates
Secure your data on the move and in the office – encryption of portable data, managing and restricting access to removable media.
Secure your data in the cloud – make sure you know what data is being stored in the cloud, many modern devices have cloud sync setup as default. Do you know how many users have access to dropbox, onedrive or other cloud base storage, and what they are storing on them? With both dropbox and Onedrive suffering data leaks and being susceptible to recent attacks it is imperative that confidential data is controlled and not uploaded to personal cloud storage accounts. Staff training is essential to ensure your employees are not transferring sensitive data to their personal cloud.
Train your staff – employees at all levels should be aware of cyber security essentials and what they need to do to minimise risk to the business. If you would like help with training your staff please call Atlas Business Group where we can arrange for training for your staff onsite, or at our training facilities in Nantwich and Leeds.
Keep an eye out for problems – remain vigilant and carefully read any emails before opening attachments. Do not ignore security warnings, if you are unsure contact us and we will investigate on your behalf.
Know what you should be doing – review your policies regularly and ensure you have everything in place as highlighted above. We at Atlas can help you with creating and reviewing your policies, ensuring you have everything in place to allow your business to have continuity when you need it most.
Minimise your data – The DPA says that personal data should be accurate, up-to-date and kept for no longer than is necessary. Over time a large amount of data can be collected which is no longer required or is inaccurate. If you have data which is no longer needed, you should look to either archive or destroy it.
Do you trade in the EU? If so you must be aware of the General Data Protection Regulation reforms which will apply in the UK soon, take action now and speak with us to ensure you are doing everything you need to ensure compliance with the reforms.
Ask for a security audit of the systems containing your data. This may help to identify vulnerabilities which need to be addressed.
Back up your data – do you have a comprehensive Disaster Recovery plan? How much will downtime cost you? How long would your systems be down in the event of a disaster? Three questions which, when you have the answers can save you a lot of time and money. Atlas Business can help you ensure you are covered in the event of a disaster, please ask us about our scheduled DR testing plans.
If you would like help with assessing your security needs and ensuring you have everything in place, please call Atlas Business Group on 0333 666 3330. With our range of service options, we will work with you to find the most appropriate solution for your business.