How Security Aware Are You?
By Stuart Janicki • 25 Oct 2012
The Information Commissioner's Office (ICO), recently produced an excellent report on the availability of security advice for small to medium enterprises (SMEs). The report provided a useful insight into the dilemmas faced by SMEs in regards to the priority of data security within an organisation. These dilemmas exist because of the constraints faced by SMEs, in regards to the availability of data security advice and a lack of technical expertise to implement security policy.
It is vital for all businesses to understand the importance of data security, so why concentrate on small and medium businesses specifically? Well, there is a lot of small and medium enterprises; within the European Union 99% of all enterprises are represented by SMEs and in the UK there are 4 million 'micro businesses'. The consequences of all of these organisations failing to implement data security would be extensive, and it is within the ICO's remit to stop data exposures. A lack of data security within SMEs also has an impact on larger corporations, especially because so many tasks are outsourced to SMEs and therefore have a responsibility to protect the data they handle.
Small to medium organisations typically find that most security solutions are not only designed for corporate level, but also priced at corporate level and require a high level of technical ability. This has created a culture within SME's where security policy becomes deprioritised, and typically doesn't get created in start-up organisations. The problem is that SMEs typically don't have the expertise to form this policy and don't know where to go for advice.
You can access the ICO's full document here, or to help you out, we've included some useful links below. It's good for any company to create a culture of data security because implementing it now has massive benefits for future operations. Data loss is devastating for an organisation, to the point where customers can be lost; productivity is affected and can even stop new customers joining. Creating a security policy may even win you new business, as potential customers appreciate that you care about their data!
> IT Security: The Basics
Why it is important to your business that you take full account of the need for IT security
> Write a plan
How to write a good business security plan
> Assess and Minimise Your IT Risks
This interactive tool helps you to deal with the risks facing your IT systems
> Information Security Best Practice
Information security and why it is important for businesses
> Keeping Your Systems and Data Secure
How to ensure that the information your business needs to operate successfully is stored securely.
> Prevent data theft using removable devices
Be wary of portable storage devices
> Use encryption
Encrypt important information for extra security
> Comply with the Data Protection Act
Make sure that you are legally compliant
> Write good staff policies
Employees should pay as much attention to online security as you do
Share this post