5 security considerations for your IT team
What to check to keep your business secure…
Cyber security and warfare is a hot topic in today’s world. On a near-daily basis we see news items about data breaches, attacks by hackers, and global system malfunctions. The ramifications for businesses that do not take care of their cyber security are massive – from mega fines for the most serious data breaches, to the potentially crippling revenue losses attributed to core system outages.
The NHS, Visa, Sony, and even the US military have all fallen victim to data breaches and hacking – so how on earth can you protect your company and its crucial infrastructure? We’ve pulled together a list of 5 security considerations for your IT team, to get you on the right track…
1. Unauthorised cloud applications
Are your employees all running applications that have been officially “sanctioned” by your IT team? Sadly, the answer is probably not. Forbes.com estimates that around 7 out of 10 organisations are using unauthorised cloud applications. Often, your IT team may not even know these applications are being used. A key example is online file sharing apps, where people outside the company are often given access and generally keep it. Your IT team cannot manage what they cannot see, so make sure your employees understand the dangers of using unauthorised applications.
2. Operating a BYOD policy? Is it secure?
Many modern companies operate a “bring your own device” (BYOD) policy for their employees, where staff are invited to bring their own personal devices into the company network to do their job. Whilst in the short term this may save the company money, and when done correctly can be a great solution, it is very important that your IT team creates a process that ensures all devices are fully protected against the latest security threats and do not act as a gateway into the company’s corporate network.
3. Are you protected against insider threats?
Sadly, cyber-attacks and breaches often occur from within. As employees grow within companies they are inevitably granted more access and levels of responsibility across the organisation’s systems. Now imagine that employee getting upset at the company in some way or accepting a payment in exchange for data or information. It is important that your IT team has appropriate levels of monitoring and safeguarding against insider attacks. The ability to keep an eye on files downloaded and systems accessed is key, along with the “super user” capability to revoke access and back-up/restore systems instantly should the worst happen.
4. Is your company data policy GDPR compliant?
GDPR is here to stay, and it’s crucial that your organisation, no matter the size, complies with the law around personal data and how it is managed. Assessing every source of data, creating and undertaking privacy policies, securing data against unauthorised access and so much more must be completed to comply with the regulations. Non-compliance with GDPR can result in massive fines, and often irreversible reputational damage to your company. Not sure where to start? The ICO has some simple step-by-step guides designed to get organisations of all sizes on the right track towards GDPR.
5. What will you do when the worst happens?
Do your IT team have a plan if the worst were to happen? What if your crucial infrastructure malfunctions, or a virus infects your company network? In some cases, these disasters can cause companies to lose their crucial data, customer records, application access and much more. Savvy IT teams have a plan ready to mobilise for any given eventuality. For example, daily database back-ups, cloud-based applications or mirrored IT infrastructure can ensure your staff are up and running again quickly with minimal damage to your systems, or bottom line.
At Dynamic Edge, we can help you and your IT team form a comprehensive IT strategy which prepares you for any eventuality. Contact us today to discuss your IT goals.