Information Security Services
Information is one our most valuable assets and its handling, storage, collection and processing need particular attention
Most people confuse information with data. Information exists within our businesses in a number of different ways – some of it is electronic data but some may be contained in paper records, training manuals, product specs etc – e.g.
- Customer contact details
- Customer terms & pricing
- Customer contracts
- Prospect contact details
- Supplier contact details
- Supplier terms & prcing
- Supplier contracts
- Employee information
- Payroll records
- Training records
- Intellectual property
- Computer code
- Product data
- Door entry codes
- Passwords & usernames
Data Protection (Privacy)
GDPR and The Data Protection Act (UK implementation of GDPR) demand that we observe certain regulations when handling information that identifies an individual person. This includes information security controls as well as some very clearly defined requirements around legal accountability, accuracy, rights of access and rights of deletion. In addition, you must be able to clearly state the legal basis upon which you justify the processing of personal data.
Often confused with data security or information security, Cyber Security is a sub-set of information security and is one of the key areas of control considered under Data Protection frameworks.
Cyber Security is about the security measures we take to reduce the risks posed by external threats aimed at attacking our systems electronically via open networks and gateways such as the internet. Some common external threats are ;
- Hacking (attacking our networks directly)
- Phishing (attempts to gain inside knowledge that can be used later to compromise our systems)
- Malware (viruses, worms, trojans, ransomware – all aimed at infiltrating our systems unseen, then delivering some kind of malicious payload)
- Denial Of Service (flooding our websites with page requests to bring the site down [say])
All these things pose a very real threat to our businesses – not only will it cost us real money to correct any damage done, but, our reputations can be damaged and we may have to report breaches to the ICO which can in turn, lead to investigations and possible penalties.
Information Governance Services
We can work with you to conduct Data Audits and Compliance Health Checks and produce a Gap Analysis to establish any areas that you may to look more closely at.
Once we have a clear picture of your business and its information, as well as the obligations you may have in terms of regulatory compliance, we can formulate a best fit strategy for your information governance, by way of adoption of Industry Standard Information Governance Frameworks.
There are several recognised standards that can be used – which one is best for your business depends on the size and nature of business.
Book A No Obligation Consultation
Complete our contact form and we’ll happily get back in touch with you to discuss your needs – no selling just dialogue