James Mills is a web developer in the North East of England and founder of Refresh Teesside »
Mike Hughes is the Head of Business for the Evening Gazette. He will be blogging on all matters of importance to Teesside businesses - and some that are just worth knowing »
Jez Davison, business writer at the Evening Gazette, is a regular blogger on all things business - particularly finance, entrepreneurship and the state of the Teesside economy » 
Karen McLauchlan is the Evening Gazette's deputy business and features editor - with special interest in all things industry, property and arts related » 
Jeremy Middleton is a venture capitalist and the co-founder of FTSE-200 company HomeServe » 
Deloitte, which has 23 offices across the UK including Newcastle, is among the country's leading professional services firms » 
ClimateNE & Climate Change Schools Project support the move to a low-carbon, resilient economy and help businesses avoid risk and realise commercial opportunities. Posts by Jen Atkinson, Krista McKinzey and Harriet Thew » Richard OâÂÂConnor, head of Waterstonsâ Security and Infrastructure Consulting team talks about his experiencesâÂÅ
The term âÂÂInformation SecurityâÂ? carries a number of meanings and can be interpreted in many different ways. However, one thing it usually does is frighten company directors and business owners â sometimes to the point where they prefer to close their eyes and ignore the issue!
We often hear of high profile security breaches such as the recent hack into the US Pentagon; rumoured to be the work of the Chinese military. Stories such as this can often fuel concern and fear, the result of which can be âÂÂknee jerkâ reactions and overspending in the wrong areas.
In my experience the weakness in most medium sized organisations lies with internal security. By âÂÂinternal securityâÂ? I refer to the protection of systems and data once someone has crossed the boundary of the perimeter network â this could just mean someone walking into reception!
Common mistakes I have seen include confidential data stored on CDs and flash drives that are left lying around the office, unsecured wireless devices, unlocked server rooms and finally a lack of centralised access control.
Some people would be surprised at the level of access granted to employees across many businesses. I have personally seen organisations where factory workers can access confidential HR payroll data and on many occasions I have seen businesses who allow everyone to access each otherâÂÂs e-mail and personal data.
Often the reasons behind internal security lapses are that the organisation has started very small and suddenly grown without any form of strategy or IT management and the directors have adopted a relaxed attitude to information security. All organisations can take practical measures to improve their security and protection of critical information that is undoubtedly integral to the business â and not all of them need to expensive or time consuming!
- Post to:
del.icio.us
Digg
Newsvine
Nowpublic
Reddit
« Previous | Home | Next »