How to ensure your company’s IT security

28 Jan 2019 Lumina Technologies
Ensure Your Company IT Security

It doesn’t matter if your business has 10, 100 or 1,000 members of staff, the need for a basic level of IT security remains the same. There are businesses that, by necessity, require a much higher standard of IT security, e.g. legal, financial services, executive search companies etc.

Your IT system’s security model can be broken down into a number of key areas:

Cyber Essentials

Cyber Essentials (CE) is the most basic security requirement and every business should be up to CE standard. CE certification ensures an environment that puts IT security best practice in place, so if your business cannot do this, you already have holes in your security model! CE certification ensures user account management is up to par – passwords, patches, anti-virus, firewalls etc, so getting CE certification is an important and necessary step. If your organisation has achieved it, we think it is worth shouting about it!

Enhancing CE

Once CE is in place, your company needs to enhance it further. Start by controlling access into and out of your organisation’s IT system with:

  • Two-factor authentications for external entry points into the organisation, webmail, VPM, admin access etc
  • Anti-phishing measures around your domain name and physical interfaces, e.g. USB ports, email, in order to control what goes in and out of those ports
  • Encrypting data and devices both onsite and outside your perimeter so staff members can safely use their personal laptops, home computers, tables, phones etc
  • Measures to help you prevent data leakage
  • Policies, controls and filters around emails

User awareness

It does not matter how good your technical measures are, you also need to make sure your people are fully aware of IT security issues, and are following guidelines to minimise the chances of accidentally allowing hackers into your system. Many hackers rely on user error by people who do not know how to recognise phishing attacks. It is the digital equivalent of someone in a boiler suit turning up at reception to say they’re here to fix the boiler – if they look the part, the likelihood is that they’ll be let in to the building, even if no-one was expecting them.

Governance

Good security also relies on good governance. If you have the rights checks and balances in place, you will gain credible protection against deliberate attacks. They will help you make sure no-one on the team has the opportunity to behave inappropriately, and that the management is satisfied that any requests are genuine and justified.

If you would like to find out how we can help you implement a robust IT security strategy to protect your business, contact us to arrange an appointment.

 

Contact Lumina

We use cookies to ensure that we give you the best experience on our website.