Skip to main content
Back to News

IT Security – a Strategy not just a Sticking Plaster

26th May, 2021

Rather than just ticking boxes to confirm policies are in place, what about stepping back and really looking at your business?

Occasionally, you may need to complete a form to demonstrate your company’s commitment to IT security. We frequently assist clients with this requirement, particularly common among FCA regulated businesses.

Whilst completing the form is pretty straightforward, it can feel like it’s a sticking plaster rather than a strategy.

What do we mean by that?

Rather than just ticking boxes to confirm policies are in place, what about stepping back and really looking at your business?

Is the company serious about IT and data security, and what would that look like?

Here are some things to think about:

All staff have regular IT security training – regular testing typically involves embedding training, often through mock phishing emails

Passwords – do you have protocols to force regular password updating? Do you make sure all staff use a secure password storage app such as LastPass, rather than their browser?

Is multi-factor authentication set up for all devices to ensure users are trusted before accessing systems?

Data access – are controls in place to ensure all users only have access the information they need to carry out their duties effectively?

Data control – do you have the protocols in place to enable you to track all of your data. Where it’s filed, when it was edited and by who?

Penetration testing – we work with a trusted partner who can ethically “hack” your business/systems to test how easy it is to get through your existing security measures

Patch managementdo you have a process in place to ensure all machines are regularly updated with patches for all software and operating systems? Do you spot check that to make sure it happens?

Anti-virus software – do you have this installed on all desktops and laptops?

Restore of backups – to ensure backups are effective and can be used if needed. It’s always best to test this when everything is working effectively, not wait until there is a disaster

Lock screen – is this set up for all devices to ensure data is secure if a user leaves the device unattended for a period of time?

Storage of company devices – leaving laptops under chairs when in a bar, or on the back seat of a car, is just an invitation. All devices should be stored away from prying eyes and secured to reduce the risk of theft.

Taking out insurance to protect against ransomware attacks and phishing may also be worth you considering.

You can control many of the protocols and considerations we’ve shared through the Microsoft 365 portal.

You can establish parameters across the company or delve into specifics based on the nature of work in each department.

Making IT security a true strategy in your business is not going to make it 100% risk free – there’s no such thing. However, it will significantly reduce the risk, and keep the compliance bods happy. And just as important – it will help you sleep at night!

Additional peace of mind can also be achieved through security accreditation. We have achieved the Cyber Essentials Plus certification, and going through that process was a good exercise in reflecting on what’s really in place across the business.

And, on that subject, why don’t we help you lift the bonnet on what needs fixing in your business?

We offer an in-depth IT security audit where we identify the specific risks for your business together with our recommendations. Please let us know if you would like to arrange this – 01784 437 123.

Related articles

Data is your responsibility – even if you outsource!

In today's digital age, data is a valuable asset for any business. It can be used to drive growth, improve customer engagement, and gain a competitive advantage.

Read More

Embrace the AI-powered future of work

Transform your daily workflow with Copilot for Microsoft 365, seamlessly integrated into familiar tools like Teams, Word, Excel, and more. This next-gen AI, powered by extensive language models and your Microsoft Graph data, turns natural language into a potent productivity tool. Elevate creativity and efficiency with Copilot, revolutionizing the way you work.

Read More

Building a Collaborative Environment with Microsoft Teams 365

In today's fast-paced business world, effective collaboration is crucial for success, regardless of company size. Microsoft Teams 365 is a powerful tool that streamlines teamwork, boosts efficiency, and simplifies communication. Recent data shows its user base grew from 300 million to 320 million in 2024. Offering chat, video calls, file sharing, and seamless integration with…

Read More

Safeguarding Your Data: Backup and Recovery with Azure

Microsoft Azure offers robust backup and recovery solutions that can help you ensure business continuity and peace of mind..

Read More