By David Powell
IT security is a hot topic at the moment. Only last week the UK South East Regional Organized Crime Unit arrested a teenager on suspicion of having perpetrated a series of high-profile hack attacks, pranks and data breaches against senior US White House officials and CIA Director John Brennan, in violation of the U.K. Computer Misuse Act 1990.
No matter how large or small your business is, you need to have a plan to ensure the security of your information assets. Whether yours is five or 200 pages long, the process of creating a security program will make you think holistically about your organisation’s security. To help, the Information Commissioner's Office (ICO) has published an updated guide to IT security aimed at small businesses, which is intended to be used as a guide to putting appropriate IT security systems in place, avoiding data breach fines and complying with obligations under the Data Protection Act 1998.
Under the Data Protection Act 1998 you must:
- use personal information fairly and lawfully;
- collect only the information necessary for a specific purpose(s);
- ensure it is relevant, accurate and up to date;
- only hold as much as you need, and only for as long as you need it;
- allow the subject of the information to see it on request; and
- keep it secure.
The ICO guide was first published in 2012 and this version updates previous advice on the cloud and contains additional guidance on security of mobile devices. The guide, 'A practical guide to IT security' is a helpful starting point for small businesses to use to address their IT security compliance.
Good information handling makes good business sense, and provides a range of benefits. You'll enhance your business' reputation, increase customer and employee confidence, and by ensuring that personal information is accurate, relevant and safe, save both time and money.
For further information, please contact firstname.lastname@example.org
For further details about our expertise in this area, please Click Here