WHERE LOCAL BUSINESS GROWS

IT Security

You need to protect your information, as you would any other valuable business asset. Get tips on securing your IT systems and learn about potential consequences of cyber attacks.


IT security – why bother?
 

The Data Protection Act says that appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data. Breaches of data protection legislation could lead to your business incurring a fine,  up to £500,000 in serious cases.

The reputation of your business could also be damaged if inadequate security contributes to high profile incidents of data loss or theft. However, there are measures that you can put in place to prevent security breaches or limit the damage if they do occur.

Assess the risks to your business
 

Before you can establish what level of security is right for your business you will need to review the personal data you hold and assess the risks to that data. You should consider all processes involved as you collect, store, use and dispose of personal data. Consider how valuable, sensitive or confidential the information is and what damage or distress could be caused to individuals if there was a security breach. With a clear view of the risks you can begin to choose the security measures that are appropriate for your needs. The next step is to begin putting them in place.​​

Some organisations do not have adequate levels of protection because they are not correctly using the security they already have, and are not always able to spot when there is a problem. You need to make sure that all your employees are aware of their roles and responsibilities and that they are clear about when action needs to be taken. You should also consider what actions you should put into place should you suffer a data breach.

Take the time to review what personal data you currently have and the means of protection you have in place. Make sure you are compliant with any industry guidance or legal requirements. Document the controls you have in place and identify where you need to make improvements. Once any improvements are in place, continue to monitor the controls and make adjustments where necessary.

Consider the risks for each type of personal data you hold and how you would manage a data breach. This way you can reduce the impact if the worst was to happen.

You should also have an acceptable-use policy and training materials for staff so that they know their data protection responsibilities.

Get a security expert to review your systems.This will highlight where your security vulnerabilities are and how best to address them.

Don’t forget about backups of your data. Backups should be made regularly, kept secure and properly deleted when no longer required.

Take a layered approach to security
 

There is no single product that will provide a 100% guarantee of security for your business. The key to effective security is to have a layered approach, combining a number of different tools and techniques. if one layer were to fail then others are in place to catch the threat.

Employee awareness and training

Employees at all levels need to be aware of what their roles and responsibilities are. Train your staff to recognise threats such as phishing emails and other malware.

Intrusion defence

You need to be able to stop breaches happening before they penetrate deep into your network, for example by using a well configured firewall.

Access controls

Restrict access to your system to users and sources you trust. Each user must have their own username and password. A brute force password attack is a common method of attack, perhaps even by casual users trying to access your Wi-Fi so you need to enforce strong passwords, limit the number of failed login attempts and enforce regular password changes. Passwords or other access should be cancelled immediately a staff member leaves the organisation or is absent for long periods.

Physical security

Equipment containing personal data could be stolen in a break-in. You should ensure that personal data on your systems is protected against these threats. Your servers should be in a separate room with added protection. Back-up devices should not be left unattended and should be locked away when not in use.

Segmentation

You can prevent or limit the severity of data breaches by separating and limiting access between your network components. For example, your web server should be separate from your main file server. This means that if your website was compromised the attacker would not have direct access to your central data store.

Policies

A policy will enable you to make sure you address the risks in a consistent manner. Well written policies should integrate well with business processes.

Device Maintenance

Remove unused software and services from your devices. Older versions of some widespread software have well documented security vulnerabilities. If you don’t use it, then it is much easier to remove it than try to keep it up-to-date. Make sure you have changed any default passwords used by software or hardware, these are well known by attackers.

Internet banking

Always access internet banking by typing the bank's address into your web browser.

Never visit a website from an email link to enter personal details.

If in doubt:

Contact the bank seperately on an advertised number
Check your bank's website for safety tips
Check your bank statement thoroughly
Look for a locked padlock or unbroken key symbol in the bottom right of your browser window before accessing the bank site - the beginning of the bank's internet address will change from 'http' to 'https' when a secure connection is made
Don't leave your computer unattended when logged in to internet banking
Wipe your hard drive before you dispose of an old computer
Always have a disaster recovery plan in place and updated

Secure your IT on the move
 

You need to ensure that the same level of security is applied to personal data on devices being used away from the office. Many data breaches arise from the theft or loss of a device (eg. laptop, mobile phone or USB drive) but you should also consider the security surrounding data you might send by email or post. You can take steps to reduce the effects of the theft by ensuring that personal data is either not on the device in the first place or that it has been appropriately secured so that it cannot be accessed.

Encryption is a means of ensuring that data can only be accessed by authorised users. Typically, a password is required to ‘unlock’ the data. Full disk encryption means that the all data on the computer is encrypted. File encryption means that individual files can be encrypted.

Your encryption password should be a mix of upper and lowercase, numbers and special characters (i.e. #, &, !) and be kept a secret. Some software offers password protection to stop people making changes to the data but this may not stop a thief reading the data.

Make sure you know exactly what protection you are applying to your data. Some mobile devices support a remote disable or wipe facility. This allows you to send a signal to a lost or stolen device to locate it and, if necessary, securely delete all data. – Your devices will need to be pre-registered with a service like this.

Only transfer personal data to mobile devices if you actually need it and remove it when you have finished.

Stay on the alert
 

Computer equipment and software needs regular maintenance to keep it running smoothly and to fix any security vulnerabilities. Security software such as antivirus and anti-malware needs regular updates in order to continue to provide adequate protection.

Make sure any security software you have is switched-on and monitoring the files it should be. Keep your software up-to-date by checking regularly for updates and applying them. Most software can be set to update automatically. If your system is a few years old, you should review the protection you have in place to make sure that it is still adequate. You should also keep your knowledge of threats up-to-date by reading security bulletins or newsletters from organisations relevant to your business. You should also let your staff know about possible threats to your organisation. This could include alerting employees to the risks involved in posting information relating to your business activities on social networks or ensuring they know how to recognise phishing emails.

Cyber criminals or malware can attack your systems and go unnoticed for a long time. Many people only find out they have been attacked when it is too late even though the warning signs were there. Check your security software messages, access control logs and other reporting systems you have in place regularly. Make sure you can check what software or services are running on your network. Make sure you can identify if there is something there which should not be. Run regular vulnerability scans and penetration tests to scan your systems for known vulnerabilities – make sure you address any vulnerabilities identified.

Minimise your data
 

The Data Protection Act says that personal data should be accurate, up to date and kept for no longer than is necessary. Over time you may have collected large amounts of personal data. Some of this data may be out-of-date and inaccurate or no longer useful.

Decide if you still need the data. If you do, is it stored in the right place? – If you have data you need to keep for archive purposes but don’t need to access regularly, move it to a more secure location. This will help prevent unauthorised access. If you have data you really no longer need, you should delete it. This should be in line with your data retention and disposal policies. You might need specialist software or assistance to do this securely.

Cyber Security for Small Businesses
 

This guidance explains the threat from cyber attack and shows how you can protect your business. It includes advice on:

  • using strong passwords
  • updating software
  • providing simple staff awareness and training
  • managing risk
  • using the Cyber Essentials scheme to protect against common online threats

The advice will help you to protect your:

  • business information
  • cash flow
  • customers
  • reputation

Read More...

Advertisements
Did you know...
Did you know you can advertise for free on the Hub by spending credits you've earned.

News

4 results found 
Vizulate becomes Approved Supplier on Digital Enterprise scheme

Friday 10 March 2017

Vizulate Digital is delighted to announce that we have been named as an approved supplier on the Leeds City Region Digital Enterprise scheme, which allows eligible small and medium sized businesses across Yorkshire to ‘Invest in Digital’. Running until March 2019, the Digital Enterprise scheme aims to support the growth and development of SMEs in the region through investment in digital skills and technology. Eligible businesses will be able to apply for 40% funding towards the cost of digital projects including digital marketing, social media, web design and development, e-commerce and more – up to a maximum of £5,000. The Digital Growth Vouchers could also fund part of the cost of technology upgrades such as IT and telecoms and, if approved, the business will then only have to cover the remaining 60% of the cost. The Digital Enterprise scheme is a partnership programme which is partly funded by the European Union (European Regional Development Fund), the West Yorkshire Combined Authority/Leeds city region Local Enterprise Partnership (LEP) and the 9 local authorities which form part of the Leeds city region – Leeds, Calderdale, Kirklees, Bradford, Selby, Craven, Harrogate, York and Wakefield. As approved suppliers on the Digital Enterprise scheme with over 10 years’ experience we are able to offer the full range of digital services including: Website Design & Development E-Commerce Digital Marketing Social Media Search Engine Optimisation (SEO) Online Advertising (Google AdWords, Facebook Ads etc.) Video & Animation Integrated Digital Solutions Web Hosting & Email Through our trusted partners we can also provide IT and telecoms solutions. We believe digital marketing represents the single biggest opportunity for businesses to achieve growth.
Posted by Vizulate Digital
Huddersfield Digital Marketing Trainer is only Facebook #SheMeansBusiness Accredited Trainer in the North of England

Wednesday 22 February 2017

Janet Bebb of Social Progress Ltd was recently invited to Facebook International, Ireland to be trained up on Facebook Fundamentals, Facebook Pages, Instagram and Advertising as part of the She Means Business initiative. Janet was flown out to Dublin, with seven other UK digital experts, to learn from the social media giant about their new initiative, She Means Business being delivered in partnership with Enterprise Nation. “Facebook offices were such an inspiring and fun place to be and we all learned a lot from both Facebook and each other” – Janet Bebb, Social Progress Ltd As well as being shown around the Dublin Facebook HQ, these digital experts were trained especially to deliver the She Means Business Programme across the UK, on behalf of Facebook and Enterprise Nation, at nationwide events throughout 2017. The programme is designed especially to encourage budding and existing businesswomen across the UK to develop their businesses and grow their digital skills in 2017. The aim is to provide digital skills training to more than 10,000 women. Not only does the programme involve various events to book onto, but they will also provide resources and support for the women who register onto the programme. “I wouldn’t have been able to set up Social Progress Ltd by myself without the support and advise I received from similar support programmes over 5 years ago. It’s awesome to be able to support more business women to achieve their business goals and realise their potential!” – Janet Bebb, Social Progress Ltd Janet was the only trainer selected from “up North” with the majority of the others being from the London area & Southern Counties. These eight individuals included social media consultants & digital marketers who will each deliver the She Means Business programme in their area, to cover the UK together. For more information and to book visit the Enterprise Nation website: www.enterprisenation.com/shemeansbusiness
Posted by Social Progress
Brighouse business joins forces with West Yorkshire Police to educate SMEs on cyber crime

Wednesday 18 January 2017

With the growing sophistication of cyber attacks, Brighouse based Netpoint Solutions Ltd have joined forces with the Regional Cyber Crime Unit at West Yorkshire Police to alert business owners to the threat of cyber crime. On 10 February 2017, Netpoint Solutions Director Steve Vickerman is hosting a free half-day seminar with Detective Chief Inspector (DCI) Vanessa Smith, Head of the Regional Cyber Crime Unit to educate businesses on how to protect their business. Without intervention, cyber attacks could stifle small business growth and in the worst cases, it can cause businesses to shut down. At the seminar, DCI Smith will explain the risks to businesses and will advise them on the ten critical policies, procedures and protections that every business should have in place to protect themselves. DCI Smith said, “Businesses regardless of size are vulnerable to attack from the cyber criminal who if successful can cause significant harm to the continuous of the business. Awareness of this threat is the first step in protecting your business from the risk of a cyber-attack, followed by education and implementation of simple cyber security measures.” Netpoint Solutions Director Steve Vickerman said, “We know that unfortunately there is growing list of Yorkshire businesses that have lost tens of thousands of pounds to cyber fraud. We really can’t emphasise enough how important it is that business owners are aware of the risks and what steps they can take to reduce the risk of a cyber attack. At this event, they’ll receive advice directly from the Head of the Regional Cyber Crime Unit.” The Federation of Small Businesses (FSB) is helping FSB member Steve promote the event to small and medium sized businesses in an effort to help business owners protect themselves and their business assets from cyber crime. In June 2016, FSB published their report, ‘Cyber Resilience: How to protect small firms in the digital economy,’ which suggested that smaller firms are collectively attacked seven million times per year, costing the UK economy an estimated £5.26 billion. FSB West Yorkshire media spokesperson, Neil Kendall, said: “The digital economy is vital to small businesses - presenting a huge opportunity to reach new markets and customers - but these benefits are matched by the risk of opportunities for criminals to attack businesses. FSB research shows that two-thirds of businesses have been a victim of cyber crime in the last two years, costing each business on average, almost £3,000. Without a concerted effort to reduce cyber crime and improve resilience, small businesses could be at real risk and that is why we would urge business owners to attend this event. It’s free, it takes just a couple of hours out of their working day but they will get some highly valuable and practical advice from DCI Vanessa Smith on how to protect themselves from cyber attacks.” The free seminar runs from 9.30am to 12 noon on Friday 10 February at the Junction 25 Conference Centre on Armytage Road, Brighouse. The seminar is aimed at businesses that employ up to 100 people, and it is ideal for any business which handles financial, medical or personal data or any business owner that is concerned about being defrauded. Refreshments and a buffet lunch are also provided providing an opportunity for delegates to informally network. Places at the event are limited so early booking is advised. Places can be booked through Netpoint Solutions’ website netpointsolutions.co.uk/cybersecurity #MakingITanAsset
Posted by Netpoint Solutions Ltd
Brighouse business joins forces with West Yorkshire Police to educate SMEs on cyber crime

Wednesday 18 January 2017

With the growing sophistication of cyber attacks, Brighouse based Netpoint Solutions Ltd have joined forces with the Regional Cyber Crime Unit at West Yorkshire Police to alert business owners to the threat of cyber crime. On 10 February 2017, Netpoint Solutions Director Steve Vickerman is hosting a free half-day seminar with Detective Chief Inspector (DCI) Vanessa Smith, Head of the Regional Cyber Crime Unit to educate businesses on how to protect their business. Without intervention, cyber attacks could stifle small business growth and in the worst cases, it can cause businesses to shut down. At the seminar DCI Smith will explain the risks to businesses and will advise them on the ten critical policies, procedures and protections that every business should have in place to protect themselves. DCI Smith said, “Businesses regardless of size are vulnerable to attack from the cyber criminal who if successful can cause significant harm to the continuous of the business. Awareness to this threat is the first step in protecting your business from the risk of a cyber-attack, followed by education and implementation of simple cyber security measures.” Netpoint Solutions Director Steve Vickerman said, “We know that unfortunately there is growing list of Yorkshire businesses that have lost tens of thousands of pounds to cyber fraud. We really can’t emphasise enough how important it is that business owners are aware of the risks and what steps they can take to reduce the risk of a cyber attack. At this event they’ll receive advice directly from the Head of the Regional Cyber Crime Unit.” The Federation of Small Businesses (FSB) is helping FSB member Steve promote the event to small and medium sized businesses in an effort to help business owners protect themselves and their business assets from cyber crime. In June 2016, FSB published their report, ‘Cyber Resilience: How to protect small firms in the digital economy,’ which suggested that smaller firms are collectively attacked seven million times per year, costing the UK economy an estimated £5.26 billion. FSB West Yorkshire media spokesperson, Neil Kendall, said: “The digital economy is vital to small businesses - presenting a huge opportunity to reach new markets and customers - but these benefits are matched by the risk of opportunities for criminals to attack businesses. FSB research shows that two thirds of businesses have been a victim of cyber crime in the last two years, costing each businesses on average, almost £3,000. Without a concerted effort to reduce cyber crime and improve resilience, small businesses could be at real risk and that is why we would urge business owners to attend this event. It’s free, it takes just a couple of hours out of their working day but they will get some highly valuable and practical advice from DCI Vanessa Smith on how to protect themselves from cyber attacks.” The free seminar runs from 9.30am to 12 noon on Friday 10 February at the Junction 25 Conference Centre on Armytage Road, Brighouse. The seminar is aimed at businesses that employ up to 100 people, and it is ideal for any business which handles financial, medical or personal data or any business owner that is concerned about being defrauded. Refreshments and a buffet lunch are also provided providing an opportunity for delegates to informally network. Places at the event are limited so early booking is advised. Places can be booked through Netpoint Solutions’ website netpointsolutions.co.uk/cybersecurity #MakingITanAsset
Posted by Netpoint Solutions Ltd
4 results found 

Events Posted

23 results found, page 1 of 3.  
Image for
Facebook Advertising Workshop
Thursday 27 April 2017, 09:30 - 12:30
Bridge House, 2 Woodhead Road, Holmfirth, HD9 6PX
£65 - 6 places
Image for
Design Network North: Rise & Design - Power of the Brand
Friday 28 April 2017, 08:30 - 11:30
162-163 Lower Briggate, LS1 6LY
Free Entry - 30 places
Image for
Pinterest & Instagram Mini Workshop
Wednesday 3 May 2017, 14:00 - 16:00
Bridge House, 2 Woodhead Road, Holmfirth, HD9 6PX
£40 - 6 places
Image for
Google Plus Mini Workshop
Friday 5 May 2017, 14:00 - 16:00
Bridge House, 2 Woodhead Road, Holmfirth, HD9 6PX
£40 - 6 places
Image for
Social Media Marketing and Branding
Wednesday 10 May 2017, 09:30 - 12:30
Bridge House, 2 Woodhead Road, Holmfirth, HD9 6PX
£65 - 6 places
Image for
Facebook for Business Workshop
Wednesday 10 May 2017, 13:30 - 16:30
Bridge House, 2 Woodhead Road, Holmfirth, HD9 6PX
£65 - 6 places
Image for
Facebook Advertising Workshop
Thursday 18 May 2017, 09:30 - 12:30
Bridge House, 2 Woodhead Road, Holmfirth, HD9 6PX
£65 - 6 places
Image for
Business Hub Live - Innovation and Research & Development
Wednesday 24 May 2017, 08:30 - 10:30
Firth Street, Huddersfield, HD1 3BD
Free Entry - 50 places
Image for
Content Creation and Blogging for Business
Thursday 25 May 2017, 09:30 - 12:30
Bridge House, 2 Woodhead Road, Holmfirth, HD9 6PX
£65 - 6 places
Image for
Twitter for Business Workshop
Thursday 25 May 2017, 13:30 - 16:30
Bridge House, 2 Woodhead Road, Holmfirth, HD9 6PX
£65 - 6 places
23 results found, page 1 of 3.  
Designed by Kirklees Council
Built and powered by Alcium Software
Close cookie policy popup window
This site uses cookies for analysis purposes only. This helps us understand how you and other visitors use our site. To see a complete list of these cookies or to opt out please access our cookie policy page.

You will see this message only once, but you will be able to find more information about our use of cookies or opt out at any time.