Embed Size (px)
Citation preview
With the increased risk of some sort of cyber-attack over the past few years, it is now more important than ever to look over your computer network and identify the risks within your organisation.
There is a link at the end of this deck to the associated blog and webinar recording
Protectyour business!
How to
I.T Support Consultancy
Who am I?Matthew Parsons – Director – Surf Tech ITWorking in IT Services for 14 Years
Information Security | Protecting your business
• Identifying Risks• Assessing your assets• Securing your information• ISO 27001 : Information Security
Identifying Risks• Everything / Everyone within your business is a risk
• Hardware• Laptops, Desktops, Phones, External Hard drive
• Software• E-Mail, Cloud Solutions i.e Office 365
• Employees
Assessing your assets
Risk/Asset Threat Likelihood Severity Rating
Assessing your assetsRisk/Asset Threat Likelihood Severity Rating
Laptop Stolen/Lost 2 2 4
Email Security Compromised 2 2 4
Employees Release of unauthorised data 2 3 6
Rating = Likelihood x Severity
Assessing your assetsRisk/Asset Threat Likelihood Severity Rating
Laptop Stolen/Lost 2 2 4
Email Security Compromised 2 2 4
Employees Release of unauthorised data 2 3 6
Rating = Likelihood x Severity
Rating
Low 1 to 4
Medium 5 to 10
High 11+
Control ActionRisk/Asset Control Likelihood Severity Rating
Laptop Company policy not to store customer data on local drive
2 1 2
Email Complex passwords, change password every 90 days and enable two factor authentication
1 2 2
Employees Employment contract states the release to information classified as 'confidential' will result in disciplinary action
1 3 3
Rating = Likelihood x SeverityRating
Low 1 to 4
Medium 5 to 10
High 11+
Control ActionOther Control Actions may include:• Additional hardware appliances (such as Firewalls, Web Filtering)• Additional software (such as Anti-Virus, AntiSpam)• Computer policies (Locking down users abilities on computers, what software can be installed)
Why assess these threats?• If you can identify the threats to your business, access the risk it may cause and identify it as a high risk.
You will be able to make changes within your business to best protect your data and customer data
ISO 27001 | Information SecurityISO 27001 is a standard created by the International Organisation for Standardisation (ISO) for implementing an Information Security Management System (ISMS).
ISO 27001 is not required by every industry, but if you can incorporate just a few elements of ISO 27001 in to yourbusiness it should assist in protecting your important data.
We work with businesses to assess these risks for them and then advise how any potential risk can be addressedand minimized.
As an IT Support and Solutions provider our customers depend on us to keep their data safe. Our clients likethe reassurance knowing that our systems and processes are audited, when you partner with a companylike us we have the complete control of your IT systems.
Thank you for listening!
Any Questions?!?
BizSmart aims to help business owners of small and medium sized businesses to create value and scale their businesses through sound practical business support by providing insight, Clarity combined with a real determination to help you succeed.
You can access webinars and presentations like this and more besides through our SmartRoom service here
You can read the associated blog and listen to a live recording of this presentation by clicking here You can read Matthew’s profile here
SPECIAL OFFER ....... Work with an IT company that strives to be the best.
If you’d like to take advantage of the knowledge and experience at SurfTech IT, but are concerned about potential costs, or the time and disruption involved in upgrading your systems, please book a complimentary consultation to talk through your options.
You can get in touch via email [email protected] or call 0330 120 0295, quoting BizSmart Lunch & Learn Webinars.
•Need a sounding board for your ideas?•Need to know what to prioritise?•Want someone to challenge your assumptions?
BizSmart – Where Smart people go to surround themselves with other Smart people, to gain business success.
