Richard O’Connor, head of Waterstons’ Security and Infrastructure Consulting team talks about his experiences…
The term “Information Security” carries a number of meanings and can be interpreted in many different ways. However, one thing it usually does is frighten company directors and business owners – sometimes to the point where they prefer to close their eyes and ignore the issue!
We often hear of high profile security breaches such as the recent hack into the US Pentagon; rumoured to be the work of the Chinese military. Stories such as this can often fuel concern and fear, the result of which can be ‘knee jerk’ reactions and overspending in the wrong areas.
In my experience the weakness in most medium sized organisations lies with internal security. By “internal security” I refer to the protection of systems and data once someone has crossed the boundary of the perimeter network – this could just mean someone walking into reception!
Common mistakes I have seen include confidential data stored on CDs and flash drives that are left lying around the office, unsecured wireless devices, unlocked server rooms and finally a lack of centralised access control.
Some people would be surprised at the level of access granted to employees across many businesses. I have personally seen organisations where factory workers can access confidential HR payroll data and on many occasions I have seen businesses who allow everyone to access each other’s e-mail and personal data.
Often the reasons behind internal security lapses are that the organisation has started very small and suddenly grown without any form of strategy or IT management and the directors have adopted a relaxed attitude to information security. All organisations can take practical measures to improve their security and protection of critical information that is undoubtedly integral to the business – and not all of them need to expensive or time consuming!
« Previous | Home | Next »

Jonny Harrison is sailing to Australia from the UK via the Panama Canal before he starts work in Sydney on a secondment at his firm PricewaterhouseCoopers »
Andrew Hebden is Assistant Editor (Business) of The Journal »
Katie Pringle has started her own business, Rock, Paper, Scissors »
Andrew Mernin is the Digital Journalist for nebusiness »
Matthew Rippon is an IP lawyer for BHP Law »
Formerly editor of a national business lifestyle magazine, Jez Davison is a business writer for the Evening Gazette in Teesside »
Ross Smith, Head of Policy and Research at the North-East Chamber of Commerce »
Julian Christopher from Footprint Public Relations, on media and marketing »
Norma Foster from the North East Regional Portal writes about e-business »
Ian Brown, Northumberland farmer and businessman writes about the agricultural industry »
Accessibilty Champion Steve Wilkinson on the importance of inclusion »
Andrea Wilkinson of Shared Interest is visiting Rwanda to deliver business training »
Jonathan Wheatley from Stokesley-based MC Ware writes about IT matters »
Paul Williamson from Deloitte »