Security

Your information is a precious asset. It's what makes your business work. In many cases it's actually more valuable than the computer technology it's stored on. At the end of each business day you lock your doors and windows but are you as careful with your data? Information security is also a business continuity issue: accidental data loss can cause as much disruption as a security breach.

Information security delivers three key objectives: it protects the integrity of your business; ensures that it is more reliable, and that it can keep running should something bad happens.

The threats to your data come in many forms: everything from accidents, theft or malicious damage to infection of your systems by viruses, Trojans and malware.

Any of the above might compromise your ability to access and use vital information, from customer names and addresses, billing and production information, staff payrolls and tax details, to your financial accounts. But it doesn't stop there: your ideas, designs, artwork or intellectual property can also be lost due to a breach in security or a disaster.

Be proactive

At COLT we help our customers take a proactive approach to information security. It's not just about installing anti-virus software; it's also about protecting your data against the consequences of physical failure, floods or any other kind of disaster, right down to the simple but accidental deletion of important information.

And it's not just a problem for the IT specialists - it's a much wider concern that every area of your business needs to address.

It doesn't matter how big or small your business is,  information security is vital. In fact, the smaller you are the more important it is. Viruses and all kinds of malware don't discriminate; they can damage businesses whether they're large or small, but the impact of any data loss is usually more dramatic for a smaller organisation. You might not have the resources to offset the effects of an interruption in your work. So, you need to take information security seriously.

By doing so you're investing in the integrity of your business. As with any other investment you might make, you need to understand just how valuable your data is and what you should spend on protecting it.

Ask yourself:

If you lost some or all of your data how would that impact on your ability to serve your customers?What would be the cost of the downtime of your people and systems?How much would it cost to restore your data and then check it?Would you be liable to any legal action due to any compliance or regulatory issue?Would your brand and the goodwill it generates suffer?

The costs associated with any of those issues could be significant, so it makes sense to invest some time and money in the right level of information security. COLT works with you to do just that.

We recommend that you take eight simple steps; all of which are geared toward ensuring that small or medium sized enterprises can work with confidence in a secure environment. It's a comprehensive, business-wide approach that involves every aspect of your organisation. To be secure everyone needs to be aware and united in repelling threats and protecting data.

1. Create an Information Security policy; agree it, share it, and provide guidelines so everyone knows what to do, and how to do it. It should cover all the different types of data, how you share it, store it and delete it. Include the policy in your terms of employment, and sort out schedules, as well as reviews.

2. Implement and Maintain your Policy: Assign a senior manager to make sure your policy works. If you need to, get an external supplier to take on this role.

3. Look after your data: Create and maintain an inventory of your data assets, including software and databases. Value those assets (you might need advice to do it) and classify data in terms of its importance and sensitivity and define it in your policy so everyone knows how much data you have and how to deal with it.

4. Have the right people, doing the right things: Make sure all your people know why information security is so important and what a breach might mean to them as well your business. Check the background of new employees and assign responsibility for dealing with incidents. Make sure you give the right people the right training. Also, think about external people who might have access to your data, include them in your procedures and training.

5. Play by the Rules: Make sure you understand and can comply with the many rules and regulations that national and international governments and bodies require you to follow. Make sure you're compliant; it could cost you if you're not.

6. Locks count too: Don't forget the old fashioned doors and locks and access points. Secure them. Also, make sure you can deal with power failures, and are able to store hardware properly. Passwords should be protected and changed regularly.

7. Plan to stay in business: Back up your data and store it off site. Test your business continuity measures regularly.

8. Manage your security: Keep your anti-virus software up to date; maintain your firewalls; ensure you have enough storage space for back-ups (remember PCs and laptops too); be strict about access to data (especially when employees leave); change passwords; manage email traffic and content; discourage the downloading of frivolous programs; encrypt payment details; and manage remote access via VPN software.

We have the expertise and experience you need to put in place all the IT security you need: after all, 24 of the world's top 25 financial institutions trust us to manage their information security. We see our task as a simple one: we take on the day-to-day management of your security; ensure it's tight and that all your data is stored, backed-up and protected properly, and do it quietly and professionally.

You can then get on with what you do best.