Return to all blogs

Top IT security tips from the Information Commissioners Office

Posted:

Intrasource
Intrasource
Intrasource

With the highly competitive and somewhat cluttered marketplace of IT support and Managed Service Providers, it could be easy to adopt the cynical view that there is a bit of scaremongering going on when it comes to IT security.

There is a lot of noise being created in the IT security arena and it can be difficult for businesses to appreciate the dangers and put adequate measures in place. IT support and MSP’s are all commercial organisations vying for your business…….so who do you listen to? What should you be doing?

A good starting point is the Information Commissioners Office. The ICO is a non-departmental body that reports directly to Parliament and is sponsored by the Department for Culture, Media and Sport.

They issue lots of guidance for businesses in the UK on a whole range of issues such as data protection and IT security. They recently issued the following tips on IT security:

Computer Security

  • Install a firewall and virus checking on your computers.
  • Make sure that your operating system is set up to receive automatic updates.
  • Protect your computer by downloading the latest patches or security updates, which should cover vulnerabilities.
  • Regular vulnerability scans.
  • Only allow your staff access to the information they need to do their job and don’t let them share passwords.
  • Encrypt any personal information held electronically that would cause damage or distress if it were lost or stolen.
  • Take regular back-ups of the information on your computer system and keep them in a separate place so that if you lose your computers, you don’t lose the information.
  • Securely remove all personal information before disposing of old computers (by using technology or destroying the hard disk).
  • Consider installing an anti-spyware tool. Spyware is the generic name given to programs that are designed to secretly monitor your activities on your computer. Spyware can be unwittingly installed within other file and program downloads, and their use is often malicious. They can capture passwords, banking credentials and credit card details, then relay them back to fraudsters. Anti-spyware helps to monitor and protect your computer from spyware threats, and it is often free to use and update.

Email Security

  • Install a firewall and virus checking on your computers.
  • Make sure that your operating system is set up to receive automatic updates.
  • Protect your computer by downloading the latest patches or security updates, which should cover vulnerabilities.
  • Only allow your staff access to the information they need to do their job and don’t let them share passwords.
  • Encrypt any personal information held electronically that would cause damage or distress if it were lost or stolen.
  • Take regular back-ups of the information on your computer system and keep them in a separate place so that if you lose your computers, you don’t lose the information.
  • Securely remove all personal information before disposing of old computers (by using technology or destroying the hard disk).
  • Consider installing an anti-spyware tool. Spyware is the generic name given to programs that are designed to secretly monitor your activities on your computer. Spyware can be unwittingly installed within other file and program downloads, and their use is often malicious. They can capture passwords, banking credentials and credit card details, then relay them back to fraudsters. Anti-spyware helps to monitor and protect your computer from spyware threats, and it is often free to use and update.

Staff Training & Security

Train your staff:

  • so they know what is expected of them;
  • to be wary of people who may try to trick them into giving out personal details;
  • Always beware the insider threat!
  • so that they can be prosecuted if they deliberately give out personal details without permission;
  • to use a strong password - these are long (at least seven characters) and have a combination of upper and lower case letters, numbers and the special keyboard characters like the asterisk or currency symbols;
  • not to send offensive emails about other people, their private lives or anything else that could bring your organisation into disrepute;
  • not to believe emails that appear to come from your bank that ask for your account, credit card details or your password (a bank would never ask for this information in this way);
  • not to open spam – not even to unsubscribe or ask for no more mailings. Tell them to delete the email and either get spam filters on your computers or use an email provider that offers this service.

These are very general guidelines but it gives a strong indication of what businesses should be doing as a minimum. It could also be that the advice at times is too generic and can actually disrupt your system if you don’t have the technical know-how needed, for example, automatic updates and patches can cause system issues.

These updates and patches are vital and the best way to deploy them with minimal disruption is to let a quality IT support company manage the whole process for you. An IT support company that knows what it is doing will tailor make a security set up for your business that is multi-layered with the right blend of products and services.

The bottom line is, there are lots of dangers when it comes to IT security services and data protection, you just need to do your due diligence and let the right kind of IT support provider take the risk and pain away for you.

Find more information and IT security news here.

Return to all blogs

Contact us today and see how Intrasource can help your business

Contact us
×