
Data Security

19th March 2019

Data security and incidents where data systems have been hacked are again in the news. The damage in reputational terms can be enormous, and in some cases can destroy an organisation; this does not take into account the fines that can be levied by the ICO (Information Commissioner’s Office).

Some of the higher-profile cases occur because of computer issues such as poor anti-malware and anti-virus systems, poor software patching, or simply human error caused by a lack of training and awareness.

There are a number of ways that organisations can improve their data security:

  1. Incorporate Cyber Essentials or Cyber Essentials Plus, which adjusts computer systems to protect against improper access. It also provides encryption of hard disks to make it harder to read data files.

    This is commonly known as computer hardening.

  2. Incorporate a management system for data security, commonly ISO 27001 & 27002. ISO 27001:2013 is the certifiable Standard and 27002:2013 is the code of practice covering the Standard.

These management systems put systems in place to enhance security in a number of areas:

  1. Management direction for information security;
  2. Organisation of information security;
  3. Human resources security;
  4. Asset management;
  5. Access control;
  6. Cryptography;
  7. Physical & environmental security;
  8. Operations security;
  9. Communications security;
  10. System acquisition, development and maintenance;
  11. Supplier relationships;
  12. Information security incident management;
  13. Information security aspects of business continuity management;
  14. Compliance.

This Standard is not easy to put into place and it is a somewhat lengthy process, but once fully in practice it does give a degree of comfort to the management of the organisation that good, professional data security protection has been put into place.

Naturally, the organisation must undertake regular internal audits, and an accredited certification body assesses the system and carries out surveillance visits to ensure continued compliance with the Standard.

We have been helping organisations set up ISO 27001 systems and then make sure they pass assessment, and at the first go.

Once certified, Quality Matters can offer internal audits and consultancy to make sure that the certification remains fully valid and the surveillance visits pass without problem.

Please see our website for details.

The official blog for independent Management Training Consultancy, Quality Matters Limited.
