Wednesday, 20 April 2011

How safe is the data on your computers?

Earlier this month The Data Commissioner was given powers to fine companies up to £500,000 for breaches of the Data Protection Act. (See the press release at http://goo.gl/eHe3O)

The Data Protection Act states that anyone who processes personal information must comply with eight principles, which make sure that personal information is:
• Fairly and lawfully processed
• Processed for limited purposes
• Adequate, relevant and not excessive
• Accurate and up to date
• Not kept for longer than is necessary
• Processed in line with your rights
Secure
• Not transferred to other countries without adequate protection

These principles apply to anyone who stores any personal information on computers. That may be as simple as an email address held within Outlook, customer names and addresses within your Accounts software, or a full blown CRM database system.


Consider where you keep such data, and how securely it is kept.

If that data is on a computer or laptop which is then stolen, how easily could someone access the data? A simple Windows password used to log-on to your account is very easily broken.

If the computer were to be infected with a virus it could give a hacker access to the computer. Is your anti-virus system working and up-to-date?

Hackers use carefully crafted emails to persuade your staff to browse to maliciously coded websites, which may then allow the hacker access to your network. How well trained are your staff? Do you have email filtering software to block “phishing” emails or viruses?

Where is your backup data? If you backup to tapes, are all of the tapes kept locked in a safe or off-site? Could someone who breaks in to your premises also steal that backup tape and access critical data in that fashion?


Robust Security Policies

Your business should have a written security policy, which should include:

• “Acceptable Use” rules for computer use by all staff,

• Data Backup policies and procedures,

• Guidelines on how and when data may leave your premises,

• Confirmation that all computers will be protected with up-to-date security,

• Measures to ensure all passwords are as strong as possible,

• Other processes such as confidential waste shredding.


We can help

The IT Dept can help with drawing up written policies for use in any business.

We also offer a secure, off-site data backup solution which avoids the problems of backing up to tapes, CDs or pen drives altogether. See http://goo.gl/25rU

We can supply and install email filtering, anti-virus or web control software.

We can securely dispose of old computers and hard drives, which may contain sensitive data, in line with the WEEE Directive.

For confidential document shredding in Lancashire contact MiniShred at http://www.minishred.com/

____________________________________________________
If you enjoyed this blog please consider donating £1.00!
Sign up for our Monthly Newsletter
The IT Dept offers computer support services in Lancashire, including Monthly On-Site or Remote Support Contracts; Secure Online Data Backup; Domain Hosting; Server and Desktop Sales; Software Supply & Installation. We cover all of Lancashire, including Chorley, Preston, Blackburn, Darwen, Bolton, Wigan, Blackpool, etc.
© Michael Donkin 2011