PSIFebruary2017

INTERVIEW
“If all else fails and
you suffer a security
breach then insurance
arranged via a
reputable Broker can
not only provide
financial help but add
real value when it
comes to getting back
on your feet quickly”
22
(continued from previous page)
Computer security takes three main forms:
Physically Protecting Your Hardware - Make
sure you know what kit you have and keep track
of its movement by keeping an inventory and
auditing regularly. Make sure that physical
security around your computers is strong to
reduce the risk of theft and also that doors to
sensitive areas, like server rooms, are kept
locked and access is restricted to authorised
personnel only.
Allocate equipment to individuals and give
them responsibility to ensure its security,
especially if people are using mobile phones
and laptops away from your main premises.
If you dispose of hardware make sure that all
data, software and information contained on
that device is properly wiped and that you know
exactly where it is going for disposal.
Electronic Protection of the System - Make sure
that access for each staff member is restricted
to what they need in order to carry out their job
role and restrict personal use of your computers
and you may wish to restrict access to certain
software, websites and areas of your company
data. Make sure that all users have password
protection and that these are changed regularly.
Take professional advice on adequate antivirus
software, a firewall and keep these
updated regularly. When you receive software
updates ensure these are actioned to maintain
your protection.
Create an IT Security Policy to include all of
the measures that you have put in place and
what is required by every member of staff in
order to protect the integrity of your computer
systems. Make it clear what the potential
impact for the business and clients can be if
these requirements whether accidentally or
deliberately breached.
Being Risk Aware - Make sure that you and your
staff are aware of the security issues they might
encounter. For example, educate staff in the
risks of opening unsolicited emails and
attachments. Explain the dangers involved in
accessing websites via email, especially where
sensitive information is asked for.
Ensure that staff know exactly what to do if
they think there is a problem; who to report it to
and how.
What should installers do if they have
had an online security breach?
Lisa - If all else fails and you suffer a security
breach then insurance arranged via a reputable
Broker can not only provide financial help but
add real value when it comes to getting back on
your feet quickly.
Support in the following areas (subject to
policy terms and conditions):
Breach Costs – practical support following a
data breach, including help with notifying
customers or regulators, forensic investigation
and credit monitoring
Business Interruption – compensation for loss
of income if your reputation is damaged or if
your system isn’t operating and you can’t earn
revenue as a result
Hacker Damage – cover for repair costs, data
restoration or replacement if hackers cause
damage
Cyber Extortion – Protection if a hacker holds
your business to ransom along with risk
consultancy services to manage the situation
Crisis Containment – support to minimise
damage to your reputation if you suffer a data
breach, including PR support
Privacy Protection – defence and settlement of
claims made against you along with the costs of
regulatory investigations and settlement of
penalties levied by regulators (where permitted)
Multimedia Liability – protection where you
accidentally infringe copyright or inadvertently
libel a third party.
www.psimagazine.co.uk