Taking security measures to protect your business is not often high on peoples agenda. However, good security can be an enabler for a thriving business, you will be protecting your assets, your reputation, your customers, and your peace of mind.
The majority of consumers consider identity theft as a major threat when buying on-line, to reassure customers that their data is safe with you is a powerful marketing tool.
|
If your business has to comply with the Data Protection Act you are obliged to take certain measures to secure your data.
Principle 7 of the Act states;
"Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.”
By taking these measures you will also be protecting all other data held by your business.
|
Who pose's a threat to your data?
Current or former employees, or people you do business with. Compromising your information by accident, through negligence, or with malicious intent.
Criminals. Out to steal from you, compromise your valuable information or disrupt your business because they don’t like what you do.
Business competitors. Wanting to gain an economic advantage.
|
What form could the threat take?
Theft or unauthorised access of computers, laptops, tablets, mobiles.
Remote attack on your IT systems or website.
Attacks to information held in third party systems e.g. your hosted services or company bank account.
Gaining access to information through your staff.
|
To provide a suitable level of security for your business data you first need to assess the risks. With a clear view of the risks you can begin to introduce security measures that are appropriate for your business in the most cost effective way.
You should consider how and where valuable, sensitive and confidential information is stored. Who has access to it, how it is used and it's eventually disposed.
|
What impact could the lose of data have?
Financial losses from theft of information, financial and bank details or money.
Financial losses from disruption to trading and doing business – especially if you are dependent on doing business on-line.
Costs from cleaning up affected systems and getting them up and running.
Costs of fines if personal data is lost or compromised.
Costs of losing business through damage to your reputation and customer base.
Damage to other companies that you supply or are connected to.
|
When it comes to providing security for your data, it is easy to overlook the importance of protecting the physical equipment it is stored on from theft.
It is still far easier to access your data by entering your premises than by an on-line attack on your computer system.
|
As well as burglary someone may enter your premises by masquerading as a supplier or potential customer. It does not take long for a criminal to achieve their objectives once you have been tricked or distracted.
It does not matter what sophisticated software-based security products you may have, if the equipment is not kept physically secure the data will be lost.
|