How to maintain a data secure business

Press

All businesses are reliant on data so it is vital that this information is adequately protected. Not only are organisations at threat from data and ID theft but also from viruses and hackers. These threaten the operation and reputation of your business and have implications in relation to the Data Protection Act, which governs how organisations should manage and control data. Issues concerning data can be split into three categories:

Confidentiality – Organisations have a responsibility to ensure that the information they hold is used appropriately. To comply with this, businesses should allow only those who need the data to have access to it and should ensure all documentation is safely stored when not in use.

Integrity – All data held should be fit for purpose and correct. Information should only be used for the purpose it was collected and businesses have a responsibility to make sure that data is not passed to unauthorised third parties.

Availability – Data should be readily available at all times so it is vital that effective provisions for data backup are in place.

Threats – These can stem from either within or outside the business and mainly take the form of computer viruses and theft of company data.

Vulnerability – This is a weakness within the organisation which can be exploited. Businesses could be vulnerable to the following:

• Lack of security and background checks made on personnel,
• Lack of adequate virus protection software on computer systems.

Business impact – This refers to the impact that threats, combined with vulnerability, could have on an organisation. Businesses should consider the following examples of business threatening scenarios:

• Loss or theft of data, which is then acquired by competitors,
• A virus disrupts your computer system, corrupting data.