Main Menu
Published articles

Click here to see articles

Recent Events

Security awareness seminar held at the Energus building, Lillyhall on 27th July 2010.

Click here for future events

Security for new builds

We will assist in planning of new corporate buildings to ensure nothing has been missed regarding physical security, access control and network design requirements. Once the building is complete, we will ensure that the staff are well trained to maintain the confidentiality, availability and integrity of the information within.

Published Articles

Get yourself a sense of security
Production Journal

Securing your IT - and reputatiion
Whitehaven News

Cumbrian firms urged to be better prepared for floods
News and Star

Keeping newsroom information safe
Submitted to UK Press Gazette

Cumbrians must prepare for wave of Cyber Crime
Lake District Messenger

Can your web site be trusted?
Lake District Messenger

Securing your IT - and reputation

Whitehaven News. 3rd November 2010

In a month when the Government highlighted the dangers of "cyber crime" posing a significant threat to the UK, Sellafield launched an investigation into the loss of a USB stick containing information about the company's business operations.

Although the information contained on the drive was claimed to be benign, it is difficult to quantify the extent of damage to the site's reputation just as the government announced that it was on the shortlist for a new reactor.

Information and company reputation are intrinsically linked - lose one and you lose the other.

The loss of the USB drive would never have made the papers if it had been encrypted. But the public is now left wondering if it was through good luck, rather than good management, that sensitive details were not found on the drive.

Businesses, large and small, must invest more time securing the information they hold and staff have to understand the long term damage that can be done if this is not correctly carried out.

Losing data, or accidentally divulging it to unauthorised people, can have a devastating effect on the trust that people hold in a company. What if a West Cumbrian photographer lost all the images of a wedding due to a computer virus? Their reputation could be in tatters in such a close community and future clients could be warned against them. The same holds true if an architect loses plans and sets a project back, or if a sales company mislays customer records.

If a business holds information on employees, clients or partner firms, then it is duty bound to ensure that such details and backed-up regularly and protected against unauthorised personnel, viruses and hackers.

Information is at risk from so many sources - even natural events such as floods and storms as so many businesses discovered last November. The security of all �important' information has to be assessed, including paper-based records.

Secure offsite storage methods should be considered. Some low-cost digital backup services will copy digital files to a company's own secure area of cyberspace.

Not every business can afford its own IT department to focus on the safety of data. And without every member of staff being onboard with the importance of information security, it would be a waste of time anyway.

Managers in the 21st century must realise that security awareness courses are at least as important as any other form of training that their staff attend.

Many users write passwords on sticky labels and attach them to monitors. Notepads in unlocked desk drawers contain every password the person owns - from email through to internet banking - and it is even possible to guess a high percentage of these from details posted on social networking sites.

With increasing numbers of staff accessing company emails from home, should a burglar find credentials in an employee's house, it is becoming more likely that the security measures in the workplace could be compromised.

Humans are the weakest link in the information security chain. Firewalls and virus checkers are not enough to save businesses from the growing army of hackers and cyber con artists. The armour is available but companies must know how staff form part of the defence.