The Classification Conundrum #ISO27001

An important step to effectively manage information security risks is identifying how many information Classifications you have. The ISO27001 standard supports through clause 8.2.1 “Information should be classified in terms of legal requirements, value, criticality and sensitivity to unauthorised disclosure or modification”.  There is no standard answer to how many are needed. It is one… Read More

Things to consider when selecting a new office

Thinking of moving to a new location? Here are some security items you should consider when selecting your perfect office. Location Consider neighbourhood public health and safety issues Is there an unacceptably high incidence of crimes against people or property? Will employees feel safe walking alone at night? Do the police or other emergency services have… Read More

Why keeping information secure is much more than an IT issue

When I ask business owners what they are doing to keep their business information secure, the vast majority say it is an IT issue and I should talk to their IT team or the company used to maintain their IT systems. But what about dealing with risks from your staff, lack of adequate physical security or keeping… Read More

Is that the drip, drip, drip of your data?

It may seem obvious, but some businesses don’t appreciate that securing information means you need to know what you have and where it gets stored. Not so long ago you knew that information stored electronically would be held on servers within your building(s), at a secure data centre or on backups held by a trusted… Read More

Self-assessment tool to help SMEs with Data Protection

The Information Commissions Office has launched a self-assessment tool to help small and medium-sized enterprises (SMEs) assess their compliance with the Data Protection Act and the key obligations for processing their customers’ or clients’ personal information. Anyone who processes personal information must comply with eight principles of the Data Protection Act, which make sure that… Read More

Check before you send

A few weeks after we found out that personal details of world leaders were accidentally emailed to organisers of the Asian Cup there is a story about Project Bookend. This is, allegedly, secret research by the Bank of England on the financial shocks that could hit Britain if there is a vote to leave the European… Read More