Understanding Business Data Security
Did you know that, as of the 6th April 2010,
the Information Commissioner’s Office (ICO) can now enforce fines
of up £500,000 to anyone who fails to handle “personal data” in
accordance with the Data Protection Act (1998) principles? With
help from experts Secure Online Backups, we've put together this
article to help businesses understand their data security
obligations.
Due to recent and well publicised events in the news,
companies must have security procedures in place to ensure
that any personal data belonging to customers or employees
is stored securely and without risk of being lost or
stolen.
Why protect your business data?
Data, in all its forms, is the key to a successful
business. Data helps establish strategy, assures
appropriate billing, keeps records and myriad other
essential tasks. Without data a business can fail, making
the preserving data is nothing less than a strategic
priority.
In all of its forms, data is key to running a business
successfully. Data helps establish strategy, record taking
and a plethora of other essential daily tasks. Without
data, businesses can fail. The catastrophic potential of
data loss has been shown in surveys, where figures include
90% of businesses that lose their core data for more than
10 days go bankrupt within a year.
A survey by Rubicon Consulting showed that, of the
companies that lost data, approximately one-third lost
sales, 20% lost customers and 25% claimed the data loss
caused severe disruptions to the company. A small data loss
can cause major reputation damage.
Ultimately, it's a legal responsibility to ensure data
related to your customers, employees and business is in safe
hands. From the 6th April 2010 data controllers and
businesses became liable to fines of up to £500,000 for
breaches under the Data Protection Act
How could you lost your business data?
Human error accounts for around a third of all data loss.
This includes intentional or accidental deletions of files,
loss of CDs or backup tapes, or simply a spilt cup of coffee
over a computer.
Of course, hardware and software issues can come at any
time. Higher risk can come from using out of date hardware.
Data corruption is a common issue.
Natural disasters are of course less common, but more
frequent issues include fire, theft (be it physical media or
the hacking of networks) to a lightning strike causing a
knock-on effect of damaging your hardware.
What level of security is required?
Appropriate technical and organisational measures
shall be taken against unauthorised or unlawful
processing of personal data and against accidental
loss or destruction of, or damage to, personal data.
Data Protection Act 1998
In practice, the quote means that you must have appropriate
security to prevent the personal data you hold being
accidentally or deliberately compromised.
The Act does not define “appropriate” , but it does say that
an assessment of the appropriate security measures in a
particular case should consider technological developments and
the costs involved.
The Act does not require you to have state-of-the-art security
technology to protect the personal data you hold, you
should however regularly review your security arrangements as
technology advances. There is no “one size fits all” solution to
information security, and the level of security you choose should
depend on the risks to your organisation.
Data Security Tips
The ICO have provided a set of tips to ensure that any
Organisation, Corporation or Governmental body that collects
personal information handles it securely. The ICO recommend to:
Install a firewall and anti-virus software on
computers.
Upgrade to the latest, and safest operating system.
Protect your computer by downloading the latest
patches and security updates, which cover
vulnerabilities.
Install anti-spyware software to protect secretly
installed software aimed at stealing private
information.
Encrypt any personal information held electronically if
it will cause damage or distress if it is lost or stolen.
Only allow your staff access to the information they need
to do their job and don’t let them share passwords.
Take regular backups of the information on your computer
system and keep them in a separate location.
Remove all data before disposing of computers (by using
specific technology or destroying the hard disk).
> ICO Data Protection Guide
Thanks!
The content of this article was supplied by Secure
Online Backups, suppliers of fully automated and encrypted
online data backups to a fully managed off site data
security facility.
For more information on protecting your business data
call 01732 459 457 or visit
www.secure-online-backups.co.uk
Due to recent and well publicised events in the news,
companies must have security procedures in place to ensure
that any personal data belonging to customers or employees
is stored securely and without risk of being lost or
stolen.
Why protect your business data?
Data, in all its forms, is the key to a successful
business. Data helps establish strategy, assures
appropriate billing, keeps records and myriad other
essential tasks. Without data a business can fail, making
the preserving data is nothing less than a strategic
priority.
In all of its forms, data is key to running a business
successfully. Data helps establish strategy, record taking
and a plethora of other essential daily tasks. Without
data, businesses can fail. The catastrophic potential of
data loss has been shown in surveys, where figures include
90% of businesses that lose their core data for more than
10 days go bankrupt within a year.
A survey by Rubicon Consulting showed that, of the
companies that lost data, approximately one-third lost
sales, 20% lost customers and 25% claimed the data loss
caused severe disruptions to the company. A small data loss
can cause major reputation damage.
Ultimately, it's a legal responsibility to ensure data
related to your customers, employees and business is in safe
hands. From the 6th April 2010 data controllers and
businesses became liable to fines of up to £500,000 for
breaches under the Data Protection Act
How could you lost your business data?
Human error accounts for around a third of all data loss.
This includes intentional or accidental deletions of files,
loss of CDs or backup tapes, or simply a spilt cup of coffee
over a computer.
Of course, hardware and software issues can come at any
time. Higher risk can come from using out of date hardware.
Data corruption is a common issue.
Natural disasters are of course less common, but more
frequent issues include fire, theft (be it physical media or
the hacking of networks) to a lightning strike causing a
knock-on effect of damaging your hardware.
What level of security is required?
Appropriate technical and organisational measures
shall be taken against unauthorised or unlawful
processing of personal data and against accidental
loss or destruction of, or damage to, personal data.
Data Protection Act 1998
In practice, the quote means that you must have appropriate
security to prevent the personal data you hold being
accidentally or deliberately compromised.
The Act does not define “appropriate” , but it does say that
an assessment of the appropriate security measures in a
particular case should consider technological developments and
the costs involved.
The Act does not require you to have state-of-the-art security
technology to protect the personal data you hold, you
should however regularly review your security arrangements as
technology advances. There is no “one size fits all” solution to
information security, and the level of security you choose should
depend on the risks to your organisation.
Data Security Tips
The ICO have provided a set of tips to ensure that any
Organisation, Corporation or Governmental body that collects
personal information handles it securely. The ICO recommend to:
Install a firewall and anti-virus software on
computers.
Upgrade to the latest, and safest operating system.
Protect your computer by downloading the latest
patches and security updates, which cover
vulnerabilities.
Install anti-spyware software to protect secretly
installed software aimed at stealing private
information.
Encrypt any personal information held electronically if
it will cause damage or distress if it is lost or stolen.
Only allow your staff access to the information they need
to do their job and don’t let them share passwords.
Take regular backups of the information on your computer
system and keep them in a separate location.
Remove all data before disposing of computers (by using
specific technology or destroying the hard disk).
Thanks!
The content of this article was supplied by Secure
Online Backups, suppliers of fully automated and encrypted
online data backups to a fully managed off site data
security facility.
For more information on protecting your business data
call 01732 459 457 or visit
www.secure-online-backups.co.uk
