Well here we are, 2017 and for some of us, the New Year’s resolutions which we eagerly made and endeavoured to keep have already fallen by the wayside! But one resolution you definitely shouldn’t ignore this year is your IT Security.
We understand that keeping IT systems safe can be a complex task, requiring time, resource and specialist knowledge, which is why we wanted to go through ten steps to secure your IT in 2017.
In this first part of our blog, we will guide you through the first five steps which concentrate on practical actions you can take to secure your IT systems. For further information check out the Information Commissioner’s Office’s Practical Guide to Security.
1. Review the risks to your business
There’s a whole host of security software and hardware out there which can help increase the security of your IT but, if the solutions you buy into do not meet the requirements of your business, they could be doing more harm than good.
Review the data that your business holds and assess the potential risks to that data considering all processes involved in the collection, storage, use and disposal of personal data. Once you have a clear idea of the potential risks, choose the security measures that are suitable for your business requirements.
2. Make sure you have the Cyber Essentials
The Government has developed the Cyber Essentials Scheme which highlights five key controls for keeping data safe. These are as follows:
Boundary firewalls and internet gateways – a well-configured firewall is the first line of defence against an attack
Secure configuration – remove unused or outdated software to reduce the number of potential vulnerabilities
Access Control – restrict access to the users and sources you trust
Malware protection – use suitable anti-virus or anti-malware products and ensure your network is scanned regularly
Patch management and software updates – ensure that computer equipment and software are always well maintained
3. Protect your data…everywhere
At the office, store your servers in a separate room with added protection and ensure information is backed up on a regular basis.
Away from the office, ensure that devices used by those who work while on the move have the same level of security as those used in the office itself. Finally, connecting untrusted devices to your network or using untrusted networks while out and about can put you at risk.
4. Use the cloud
Cloud computing has come a long way over the past few years with top providers such as Amazon Web Services (AWS) and Microsoft Azure doing their bit to ensure that your cloud-stored data is safe but that doesn’t mean you can just sit back and relax. Make sure you know where your data is being stored and consider two-factor authentication when gaining access to your data.
5. Backup to future-proof your data
If your business premises was to suffer a major disaster, such as a floor or fire, you’d likely want to get up and running as soon as possible afterwards.
Take the time to make sure that your data is backed up – don’t just assume that someone else within your company is taking care of it.
You can set up an automated backup which will save a copy of your data on a regular basis (without you having to think about it). If something should go wrong, simply restore from the latest backup. It’s also worth noting that loss of data is a breach of the Data Protection Act and could potentially incur a hefty fine.
The above points consider some practical steps you can take to ensure IT security within your business. In the second part of this blog, we’ll look at how you can protect your IT security through people and documentation.
If you can’t wait for the next post, read the Information Commissioner’s Office’s Practical Guide to Security or talk to one of our security experts to find out how Perfect Image can help you improve and maintain the IT security of your business.