WHERE LOCAL BUSINESS GROWS

IT Security

You need to protect your information, as you would any other valuable business asset. Get tips on securing your IT systems and learn about potential consequences of cyber attacks.


IT security – why bother?
 

The Data Protection Act says that appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data. Breaches of data protection legislation could lead to your business incurring a fine,  up to £500,000 in serious cases.

The reputation of your business could also be damaged if inadequate security contributes to high profile incidents of data loss or theft. However, there are measures that you can put in place to prevent security breaches or limit the damage if they do occur.

Assess the risks to your business
 

Before you can establish what level of security is right for your business you will need to review the personal data you hold and assess the risks to that data. You should consider all processes involved as you collect, store, use and dispose of personal data. Consider how valuable, sensitive or confidential the information is and what damage or distress could be caused to individuals if there was a security breach. With a clear view of the risks you can begin to choose the security measures that are appropriate for your needs. The next step is to begin putting them in place.​​

Some organisations do not have adequate levels of protection because they are not correctly using the security they already have, and are not always able to spot when there is a problem. You need to make sure that all your employees are aware of their roles and responsibilities and that they are clear about when action needs to be taken. You should also consider what actions you should put into place should you suffer a data breach.

Take the time to review what personal data you currently have and the means of protection you have in place. Make sure you are compliant with any industry guidance or legal requirements. Document the controls you have in place and identify where you need to make improvements. Once any improvements are in place, continue to monitor the controls and make adjustments where necessary.

Consider the risks for each type of personal data you hold and how you would manage a data breach. This way you can reduce the impact if the worst was to happen.

You should also have an acceptable-use policy and training materials for staff so that they know their data protection responsibilities.

Get a security expert to review your systems.This will highlight where your security vulnerabilities are and how best to address them.

Don’t forget about backups of your data. Backups should be made regularly, kept secure and properly deleted when no longer required.

Take a layered approach to security
 

There is no single product that will provide a 100% guarantee of security for your business. The key to effective security is to have a layered approach, combining a number of different tools and techniques. if one layer were to fail then others are in place to catch the threat.

Employee awareness and training

Employees at all levels need to be aware of what their roles and responsibilities are. Train your staff to recognise threats such as phishing emails and other malware.

Intrusion defence

You need to be able to stop breaches happening before they penetrate deep into your network, for example by using a well configured firewall.

Access controls

Restrict access to your system to users and sources you trust. Each user must have their own username and password. A brute force password attack is a common method of attack, perhaps even by casual users trying to access your Wi-Fi so you need to enforce strong passwords, limit the number of failed login attempts and enforce regular password changes. Passwords or other access should be cancelled immediately a staff member leaves the organisation or is absent for long periods.

Physical security

Equipment containing personal data could be stolen in a break-in. You should ensure that personal data on your systems is protected against these threats. Your servers should be in a separate room with added protection. Back-up devices should not be left unattended and should be locked away when not in use.

Segmentation

You can prevent or limit the severity of data breaches by separating and limiting access between your network components. For example, your web server should be separate from your main file server. This means that if your website was compromised the attacker would not have direct access to your central data store.

Policies

A policy will enable you to make sure you address the risks in a consistent manner. Well written policies should integrate well with business processes.

Device Maintenance

Remove unused software and services from your devices. Older versions of some widespread software have well documented security vulnerabilities. If you don’t use it, then it is much easier to remove it than try to keep it up-to-date. Make sure you have changed any default passwords used by software or hardware, these are well known by attackers.

Internet banking

Always access internet banking by typing the bank's address into your web browser.

Never visit a website from an email link to enter personal details.

If in doubt:

Contact the bank seperately on an advertised number
Check your bank's website for safety tips
Check your bank statement thoroughly
Look for a locked padlock or unbroken key symbol in the bottom right of your browser window before accessing the bank site - the beginning of the bank's internet address will change from 'http' to 'https' when a secure connection is made
Don't leave your computer unattended when logged in to internet banking
Wipe your hard drive before you dispose of an old computer
Always have a disaster recovery plan in place and updated

Secure your IT on the move
 

You need to ensure that the same level of security is applied to personal data on devices being used away from the office. Many data breaches arise from the theft or loss of a device (eg. laptop, mobile phone or USB drive) but you should also consider the security surrounding data you might send by email or post. You can take steps to reduce the effects of the theft by ensuring that personal data is either not on the device in the first place or that it has been appropriately secured so that it cannot be accessed.

Encryption is a means of ensuring that data can only be accessed by authorised users. Typically, a password is required to ‘unlock’ the data. Full disk encryption means that the all data on the computer is encrypted. File encryption means that individual files can be encrypted.

Your encryption password should be a mix of upper and lowercase, numbers and special characters (i.e. #, &, !) and be kept a secret. Some software offers password protection to stop people making changes to the data but this may not stop a thief reading the data.

Make sure you know exactly what protection you are applying to your data. Some mobile devices support a remote disable or wipe facility. This allows you to send a signal to a lost or stolen device to locate it and, if necessary, securely delete all data. – Your devices will need to be pre-registered with a service like this.

Only transfer personal data to mobile devices if you actually need it and remove it when you have finished.

Stay on the alert
 

Computer equipment and software needs regular maintenance to keep it running smoothly and to fix any security vulnerabilities. Security software such as antivirus and anti-malware needs regular updates in order to continue to provide adequate protection.

Make sure any security software you have is switched-on and monitoring the files it should be. Keep your software up-to-date by checking regularly for updates and applying them. Most software can be set to update automatically. If your system is a few years old, you should review the protection you have in place to make sure that it is still adequate. You should also keep your knowledge of threats up-to-date by reading security bulletins or newsletters from organisations relevant to your business. You should also let your staff know about possible threats to your organisation. This could include alerting employees to the risks involved in posting information relating to your business activities on social networks or ensuring they know how to recognise phishing emails.

Cyber criminals or malware can attack your systems and go unnoticed for a long time. Many people only find out they have been attacked when it is too late even though the warning signs were there. Check your security software messages, access control logs and other reporting systems you have in place regularly. Make sure you can check what software or services are running on your network. Make sure you can identify if there is something there which should not be. Run regular vulnerability scans and penetration tests to scan your systems for known vulnerabilities – make sure you address any vulnerabilities identified.

Minimise your data
 

The Data Protection Act says that personal data should be accurate, up to date and kept for no longer than is necessary. Over time you may have collected large amounts of personal data. Some of this data may be out-of-date and inaccurate or no longer useful.

Decide if you still need the data. If you do, is it stored in the right place? – If you have data you need to keep for archive purposes but don’t need to access regularly, move it to a more secure location. This will help prevent unauthorised access. If you have data you really no longer need, you should delete it. This should be in line with your data retention and disposal policies. You might need specialist software or assistance to do this securely.

Cyber Security for Small Businesses
 

This guidance explains the threat from cyber attack and shows how you can protect your business. It includes advice on:

  • using strong passwords
  • updating software
  • providing simple staff awareness and training
  • managing risk
  • using the Cyber Essentials scheme to protect against common online threats

The advice will help you to protect your:

  • business information
  • cash flow
  • customers
  • reputation

Read More...

Advertisements
Did you know...
Fairtrade is about better prices, decent working conditions, local sustainability and fair terms of trade

News

5 results found 
New technology investment for heritage display specialists Leach

Thursday 22 June 2017

Creative display specialist Leach Inspire has procured new print technology to further improve the longevity of its signage products. The investment will support ongoing innovations within the heritage side of the business. Set to be used primarily on Leach’s external signage system – Vault – the new print system produces an even stronger bond between the ink and substrate. The result is greater print adhesion to the base layer and heightened performance of the overall sign. The technology has already been put to good use, having helped to produce 40 interpretative Vault systems for Culzean Castle in Scotland. Commenting on the developments, Director Jim Parkin said: “Vault is a well-established signage product renowned for its durability and stunning photographic quality which has helped to transform the external tourism and heritage landscape. But we’re not a company that rests on our laurels. We believe in pushing new boundaries for clients so have invested in the print technology that will result in even more vandal-proof systems that can last 10 years with ease.” Moving forward the printer will be used on other elements of Leach Inspire projects, such as fabrics for internal museum displays. The technological investment comes hot on the heels of wider R&D announcements throughout the business. Mike Wilshaw has joined the Leach team as head of innovation for example, and elsewhere, in Leach Impact, there have been a series of new product launches including the Vision Product Wall. But with an annual R&D budget of £250,000, there could be lots more in store for 2017. “Clients are constantly demanding more for their investments, especially in the heritage sector,” adds Mike. “But rightly so. Technology is getting ever-smarter, which means we can engineer creative solutions that weren’t previously possible. It’s this innovative mindset which keeps Leach one step ahead of competitors and the public engaged with our clients’ spaces.” Leach Inspire is one of three brands within the Leach group of companies. Leach Inspire and Leach Studio serve the museum, heritage and visitor attraction sectors, whilst Leach Impact has become renowned for its retail, brand and exhibition display solutions.
Posted by Scriba PR Limited
Million pound investment for Yorkshire cloud tech specialist

Tuesday 20 June 2017

Yorkshire-based Vapour Cloud has received a £1m injection, to support its national expansion. The investment from Seneca Partners will see the tech firm plough further capital into the continued innovation of its bespoke cloud solutions. The money will also help boost the team’s headcount by 20%, with new roles across the sales, marketing, implementation and support functions. The news comes as Vapour celebrates its fourth year in business. Established in 2013 by CEO Tim Mercer, Financial Director Jason Sharp and Cloud Director Steve Dempsey, the company has now attracted £4m investment in total, including a £750,000 sum from Seneca back in 2016. The 31-strong team now has its sights set on £6m turnover by the end of 2018, with the goal being to double that revenue by 2020. Having already relocated to its new 4,500sqft headquarters in Elland, bringing together its Leeds and Manchester teams, Vapour has established a secure integrated network operation to support its base of channel partners and end customers. But Tim now has his eyes set firmly on the future. “The past four years have seen us cement our presence as a true cloud technology specialist,” he said. “Rather than diversifying like many tech companies do, and risk fragmenting our offering, we’ve remained focused on three things – secure network connectivity, voice communications and storage. “Thanks to our own secure platform and evolving solutions which bring voice and data together, we’re now the trusted cloud tech partner for organisations ranging from local SMEs through to the UK’s leading resellers and their blue-chip brands. Our projects are becoming increasingly bespoke, but it’s because people are realising the sky’s the limits when it comes to advanced cloud solutions.” Commenting on the decision to invest, Richard Manley, Managing Partner at Seneca said: “We’ve seen Vapour’s transition from a budding start-up venture to a key player in the attractive cloud space. The capabilities of their platform are superb, which enables them to deliver future-proofed and secure solutions to businesses throughout the UK. “Their true specialism in this field sees them achieve enviable results for clients. This is therefore a very exciting time for them, in which we hope the investment will fuel the next chapter of their nationwide expansion.” Vapour Cloud is based at Lowfields Business Park, minutes from the M62. The tech firm provides an array of secure cloud-based services including network connectivity, hosted servers, varied voice and data communications solutions, as well as storage, back up and replication services.
Posted by Scriba PR Limited
Social Progress MD selected for Digital Women Debate Panel

Saturday 03 June 2017

During the Digital Marketing Roadshow - Wigan on Wednesday 7th June at DW Stadium five leading industry experts will be coming together to discuss diversity in Digital and how gender balance is being addressed. The day has a very exciting list of digital related seminars throughout the day including a Google Digital Garage session on 'Reach New Customers Online & Know your Business with Google Analytics.' The Digital Women Debate is being hosted by Naomi Timperley who runs Coo Digital & is a Tech North Advocate. Social Progress, owner and MD Janet Bebb is one of the five panelists discussing gender balance in the digital along with Debbie Edwards, F Disrupters, Wendy Bowers at Role, Melissa Conlon, Commercial Director at Magma and Aaron Crewe from novi.digital. Big Screen Social our highly visual Twitter Wall will also be featuring at the event displaying the photos, branding and messages of delegates, exhibitors and speakers via hashtag #DMRoadshow helping to spread the word about the full day event and reach an online audience. This free to attend event is part of a series of Digital Marketing Roadshows taking place across the North West of England organised by Launch Events. https://www.socialprogress.co.uk/social-progress-selected-for-digital-women-debate-panel/
Posted by Social Progress
Vizulate becomes Approved Supplier on Digital Enterprise scheme

Friday 10 March 2017

Vizulate Digital is delighted to announce that we have been named as an approved supplier on the Leeds City Region Digital Enterprise scheme, which allows eligible small and medium sized businesses across Yorkshire to ‘Invest in Digital’. Running until March 2019, the Digital Enterprise scheme aims to support the growth and development of SMEs in the region through investment in digital skills and technology. Eligible businesses will be able to apply for 40% funding towards the cost of digital projects including digital marketing, social media, web design and development, e-commerce and more – up to a maximum of £5,000. The Digital Growth Vouchers could also fund part of the cost of technology upgrades such as IT and telecoms and, if approved, the business will then only have to cover the remaining 60% of the cost. The Digital Enterprise scheme is a partnership programme which is partly funded by the European Union (European Regional Development Fund), the West Yorkshire Combined Authority/Leeds city region Local Enterprise Partnership (LEP) and the 9 local authorities which form part of the Leeds city region – Leeds, Calderdale, Kirklees, Bradford, Selby, Craven, Harrogate, York and Wakefield. As approved suppliers on the Digital Enterprise scheme with over 10 years’ experience we are able to offer the full range of digital services including: Website Design & Development E-Commerce Digital Marketing Social Media Search Engine Optimisation (SEO) Online Advertising (Google AdWords, Facebook Ads etc.) Video & Animation Integrated Digital Solutions Web Hosting & Email Through our trusted partners we can also provide IT and telecoms solutions. We believe digital marketing represents the single biggest opportunity for businesses to achieve growth.
Posted by Vizulate Digital
Huddersfield Digital Marketing Trainer is only Facebook #SheMeansBusiness Accredited Trainer in the North of England

Wednesday 22 February 2017

Janet Bebb of Social Progress Ltd was recently invited to Facebook International, Ireland to be trained up on Facebook Fundamentals, Facebook Pages, Instagram and Advertising as part of the She Means Business initiative. Janet was flown out to Dublin, with seven other UK digital experts, to learn from the social media giant about their new initiative, She Means Business being delivered in partnership with Enterprise Nation. “Facebook offices were such an inspiring and fun place to be and we all learned a lot from both Facebook and each other” – Janet Bebb, Social Progress Ltd As well as being shown around the Dublin Facebook HQ, these digital experts were trained especially to deliver the She Means Business Programme across the UK, on behalf of Facebook and Enterprise Nation, at nationwide events throughout 2017. The programme is designed especially to encourage budding and existing businesswomen across the UK to develop their businesses and grow their digital skills in 2017. The aim is to provide digital skills training to more than 10,000 women. Not only does the programme involve various events to book onto, but they will also provide resources and support for the women who register onto the programme. “I wouldn’t have been able to set up Social Progress Ltd by myself without the support and advise I received from similar support programmes over 5 years ago. It’s awesome to be able to support more business women to achieve their business goals and realise their potential!” – Janet Bebb, Social Progress Ltd Janet was the only trainer selected from “up North” with the majority of the others being from the London area & Southern Counties. These eight individuals included social media consultants & digital marketers who will each deliver the She Means Business programme in their area, to cover the UK together. For more information and to book visit the Enterprise Nation website: www.enterprisenation.com/shemeansbusiness
Posted by Social Progress
5 results found 

Events Posted

12 results found, page 1 of 2.  
Image for
Cyber Security Seminar
Friday 30 June 2017, 09:00 - 13:00
Rider Street, Rider Street, Leeds, West Yorkshire, LS9 7BQ
20 Credits
Image for
Google Plus Mini Workshop
Tuesday 4 July 2017, 14:00 - 16:00
Bridge House, 2 Woodhead Road, Holmfirth, HD9 6PX
£40 - 6 places
Image for
Pinterest & Instagram Mini Workshop
Wednesday 5 July 2017, 10:00 - 12:00
Bridge House, 2 Woodhead Road, Holmfirth, HD9 6PX
£40 - 6 places
Image for
Content Creation and Blogging for Business
Wednesday 12 July 2017, 13:30 - 16:30
Bridge House, 2 Woodhead Road, Holmfirth, HD9 6PX
£65 - 6 places
Image for
Twitter for Business Workshop
Wednesday 12 July 2017, 09:30 - 12:30
Bridge House, 2 Woodhead Road, Holmfirth, HD9 6PX
£65 - 6 places
Image for
LinkedIn for Business Workshop
Thursday 20 July 2017, 09:30 - 12:30
Bridge House, 2 Woodhead Road, Holmfirth, HD9 6PX
£65 - 6 places
Image for
Facebook Advertising Workshop
Thursday 3 August 2017, 13:30 - 16:30
Bridge House, 2 Woodhead Road, Holmfirth, HD9 6PX
£65 - 6 places
Image for
Facebook for Business Workshop
Thursday 3 August 2017, 09:30 - 12:30
Bridge House, 2 Woodhead Road, Holmfirth, HD9 6PX
£65 - 6 places
Image for
Social Media Marketing and Branding
Wednesday 16 August 2017, 13:30 - 16:30
Bridge House, 2 Woodhead Road, Holmfirth, HD9 6PX
£65 - 6 places
Image for
LinkedIn for Business Workshop
Wednesday 30 August 2017, 13:30 - 16:30
Bridge House, Woodhead Road, Holmfirth, HD9 6PX
£65 - 6 places
12 results found, page 1 of 2.  
Designed by Kirklees Council
Built and powered by Alcium Software
Close cookie policy popup window
This site uses cookies for analysis purposes only. This helps us understand how you and other visitors use our site. To see a complete list of these cookies or to opt out please access our cookie policy page.

You will see this message only once, but you will be able to find more information about our use of cookies or opt out at any time.