0370 270 6000

Practical guide to IT security

17 August 2012

The Information Commissioner’s Office (ICO) has issued a practical guide to IT security for small and medium sized businesses.

The punchy guide focuses on the need for businesses to keep their IT systems and personal data held within them secure, and proposes a two pronged approach:

  • undertaking an initial assessment of the risk to personal data held within the business to determine what security measures are required
  • implementing a number of different tools and techniques to give a ‘layered approach’ to security including implementing measures to ensure physical security, using anti-virus and anti-malware software and properly maintaining systems, implementing intrusion defence, restricting access to systems, ensuring employee IT security awareness, well written security policies, applying equal security measures to personal data on movable devices and auditing any outsourced IT supply

The guide is a useful starting point for businesses who have not yet developed a comprehensive IT security strategy.

Related opinions

Right to Work Checks: Changes from 6 April 2022

From 6 April 2022, right to work checks on all migrant or settled prospective employees must be online and checks on British or Irish nationals will be manual (free) or digital (charged for).

View blog

Government’s proposals for dealing with pandemic rent arrears finally reach the statute book

The Commercial Rent (Coronavirus) Act 2022 was finally passed yesterday (24 March) and comes into force immediately.

View blog

Covid-19 rent arrears – the questions that remain

The Government appears set to announce plans on ‘living with Covid to restore freedom’. With the success of the retail and hospitality sector key to recovery, what protections will be on offer to tenants to deal with Covid-19 rent arrears?

View blog

Are whistleblowers entitled to keep their employer’s confidential documents?

In Nissan v Passi, the High Court recently considered the issue of an employee retaining confidential documents belonging to his former employer in the context of the employer’s application for an injunction seeking the return of such documents from the employee.

View blog

Mailing list sign up

Select which mailings you would like to receive from us.

Sign up