The guide covers topics such as physical security, anti-virus defences and employee awareness. It’s designed to help smaller businesses keep personal data secure, and also avoid a serious data breach that could see the Information Commissioner’s Office (ICO) impose a monetary penalty of up to GB pound 500,000.
Information Commissioner Christopher Graham explained: “Since November 2010 the Information Commissioner’s Office has had to serve civil monetary penalties totalling over GB pound 1.5 million on organisations that failed to take the necessary measures to keep peoples’ information secure. While we recognise that the biggest companies and organisations will have many of these strategies already in place and have spent a great deal of money on securing their IT systems, smaller enterprises often tell us that they would benefit from simple and clear advice specifically designed for them.”
He added: “On that basis, this guide aims to support these companies by providing a starting point and recommendations that cost little to adopt, but can significantly reduce the risks of a serious data loss and the reputational and financial damage that can result.”
Detailed advice on key areas
The guide includes a checklist and more detailed advice on: securing data on the move, keeping you and your systems up to date, keeping an eye out for problems, knowing what you should be doing and minimising the data you keep.
Graham continued: “Following this guidance is not just about minimising risk. Businesses that prioritise the safety of their customers’ personal data will have a real competitive advantage.”
Mike Cherry, policy chairman at the Federation of Small Businesses, added: “It’s important that the ICO has published this guidance specifically for small businesses. Good IT and data security should be part and parcel of good business practice, and businesses should always be thinking about the simple steps that they can put in place to achieve this. The guidance should help businesses do this.”
Copies of ‘A Practical Guide to IT Security’ can be viewed and ordered here