We are becoming increasingly dependent on IT to store and process vital business data - from customer details to financial and employee records. The growth of cloud services means many businesses also have sensitive data stored outside their business
Regardless of which devices and systems you use, or where your data is stored, it's vital you keep your IT secure. Failing to take IT security seriously can have major implications for your business. How would you cope if you lost your entire customer database, or couldn't send or receive emails?
What IT risks do I face?
There are many threats to your IT security. For example, you may be at risk from:
- Data loss or corruption. Data is likely to be one of your most valuable assets. Protect it from physical threats (such as fire, flood and theft), malicious attacks and accidental deletion.
- Online threats. Hackers and online criminals may target your business. You could also be affected by malicious websites, viruses, Trojans, spyware or spam email.
- The actions of employees. Whether by accident or on purpose, your employees can cause serious problems. Carelessness - such as the loss of a company smartphone - or unauthorised action by current or ex-employees with a grudge can cause security issues.
Basic IT security
You may need to implement a range of measures to secure your IT. This could include:
- Anti-virus software to protect against viruses, spyware and other threats. Reputable software can cost as little as £20 per computer for two years' coverage and updates.
- A spam filter to block malicious email.
- Passwords to restrict access to your data and systems.
- Backup procedures and software to save copies of important data. Test your backups regularly. You don't want to discover your backups haven't worked when your main copy fails.
- A firewall to check all the data you send and receive. Software firewalls are often built into security software packages and operating systems and many routers now include a hardware firewall.
- An uninterruptible power supply to protect key equipment in the event of a power failure.
- Physical security measures such as locks or cables to secure your premises and equipment making it difficult to steal.
What else should I do?
Keep your software and apps up-to-date. Hackers can take advantage of security loopholes in older versions. Updated versions are also likely to offer additional security features to help keep your systems and data safe.
Take extra care of mobile devices such as laptops, smartphones and memory sticks. These are easily stolen, lost or damaged. Make sure you back up your data and use built-in security measures like passwords and 'remote wipe' functions to prevent your data or devices from getting into the wrong hands.
Consider storing important data in the cloud. It can be more secure than storing it on your computer or smartphone, and there is a wide range of free and low-cost options.
Establish simple IT policies and procedures so your staff know how to prevent and respond to security threats. They can also help employees understand what you consider acceptable use. Your policies need to strike the right balance. They should to allow your staff to get on with their jobs whilst minimising IT risks.
Is it really a big issue?
You need to take IT security seriously. Threats are continually evolving - software companies are constantly updating their software to counter new risks. Review the systems and software you use, where your data is stored and what potential risks you face. Ask yourself whether the measures you have in place are sufficient.
Don't treat IT security as an afterthought. Think about security issues from day one - if you wait for a problem to occur before taking action, it's far too late!