PSIFebruary2017
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
INTERVIEW<br />
“If all else fails and<br />
you suffer a security<br />
breach then insurance<br />
arranged via a<br />
reputable Broker can<br />
not only provide<br />
financial help but add<br />
real value when it<br />
comes to getting back<br />
on your feet quickly”<br />
22<br />
(continued from previous page)<br />
Computer security takes three main forms:<br />
Physically Protecting Your Hardware - Make<br />
sure you know what kit you have and keep track<br />
of its movement by keeping an inventory and<br />
auditing regularly. Make sure that physical<br />
security around your computers is strong to<br />
reduce the risk of theft and also that doors to<br />
sensitive areas, like server rooms, are kept<br />
locked and access is restricted to authorised<br />
personnel only.<br />
Allocate equipment to individuals and give<br />
them responsibility to ensure its security,<br />
especially if people are using mobile phones<br />
and laptops away from your main premises.<br />
If you dispose of hardware make sure that all<br />
data, software and information contained on<br />
that device is properly wiped and that you know<br />
exactly where it is going for disposal.<br />
Electronic Protection of the System - Make sure<br />
that access for each staff member is restricted<br />
to what they need in order to carry out their job<br />
role and restrict personal use of your computers<br />
and you may wish to restrict access to certain<br />
software, websites and areas of your company<br />
data. Make sure that all users have password<br />
protection and that these are changed regularly.<br />
Take professional advice on adequate antivirus<br />
software, a firewall and keep these<br />
updated regularly. When you receive software<br />
updates ensure these are actioned to maintain<br />
your protection.<br />
Create an IT Security Policy to include all of<br />
the measures that you have put in place and<br />
what is required by every member of staff in<br />
order to protect the integrity of your computer<br />
systems. Make it clear what the potential<br />
impact for the business and clients can be if<br />
these requirements whether accidentally or<br />
deliberately breached.<br />
Being Risk Aware - Make sure that you and your<br />
staff are aware of the security issues they might<br />
encounter. For example, educate staff in the<br />
risks of opening unsolicited emails and<br />
attachments. Explain the dangers involved in<br />
accessing websites via email, especially where<br />
sensitive information is asked for.<br />
Ensure that staff know exactly what to do if<br />
they think there is a problem; who to report it to<br />
and how.<br />
What should installers do if they have<br />
had an online security breach?<br />
Lisa - If all else fails and you suffer a security<br />
breach then insurance arranged via a reputable<br />
Broker can not only provide financial help but<br />
add real value when it comes to getting back on<br />
your feet quickly.<br />
Support in the following areas (subject to<br />
policy terms and conditions):<br />
Breach Costs – practical support following a<br />
data breach, including help with notifying<br />
customers or regulators, forensic investigation<br />
and credit monitoring<br />
Business Interruption – compensation for loss<br />
of income if your reputation is damaged or if<br />
your system isn’t operating and you can’t earn<br />
revenue as a result<br />
Hacker Damage – cover for repair costs, data<br />
restoration or replacement if hackers cause<br />
damage<br />
Cyber Extortion – Protection if a hacker holds<br />
your business to ransom along with risk<br />
consultancy services to manage the situation<br />
Crisis Containment – support to minimise<br />
damage to your reputation if you suffer a data<br />
breach, including PR support<br />
Privacy Protection – defence and settlement of<br />
claims made against you along with the costs of<br />
regulatory investigations and settlement of<br />
penalties levied by regulators (where permitted)<br />
Multimedia Liability – protection where you<br />
accidentally infringe copyright or inadvertently<br />
libel a third party.<br />
www.psimagazine.co.uk