Saturday March 15 2025
Swindon & Wiltshire News
Previously I made the case for using cloud software to gain a better overview of how well your business is managing its cash flow, but if you do transition your IT services into the cloud, how can you make sure your data remains secure?
Cyber security is a growing threat with attacks costing UK companies £34.1bn in the past year, but the majority still haven’t hardened their defences to ward off malware and data theft in the future.
In more than a third of the documented cases an employee was responsible for introducing the infection to the company’s computers. So how do we begin to minimise the risk?
Context sensitive security
Just because an employee has a mobile device which can access anything, it doesn’t mean they should be granted the same level of access when connecting to your company’s servers through the pub Wi-Fi as they do over the office network.
You can create as many access profiles as you wish to make sure your most confidential data stays safe.
Device control
It can be beneficial to productivity if your employees can work on their mobile devices. However, what happens when an employee leaves?
With properly implemented Mobile Device Management there can be a strict separation between work data and personal data, and work data can be remotely wiped from the phone at any point.
Access control
Some of your data is bound to be more sensitive or important than the rest. When it comes to access, you don’t just have to take an employee-first approach, you can also take a data-first approach and monitor who is accessing particular documents and when, so you’ll notice if anything looks unusual.
Educate your employees
The best security in the world can be compromised if your employees are happy to hand out passwords in exchange for chocolate.
I’m kidding of course, because most of the time the threat isn’t bribery so much as phishing or email spoofing, where cyber criminals forge the sender address of the email to make it look as if it’s coming from someone legitimate. The targeted employee may then let their guard down and comply with requests that would normally make them suspicious.
The best security has many layers. While it may seem in the above example that the employee was at fault, that blame could be equally shared by the company for not sufficiently educating their employees on how to spot potential dangers.
Also, if the data that leaked was sensitive it might be appropriate to question why that employee had access to it in the first place.
Ultimately this reinforces the two-pronged approach of hardening your systems and educating your employees as the best way to reduce
the risk of you becoming the next victim.
Start today
Your business data is one of your most critical resources, so don’t put this off any longer. Review your security features today and make sure you’re not a soft target.
Jack Peploe is managing director of Thirdline, an award winning managed service provider delivering tailored industry leading technology solutions to SMEs throughout the UK. www.thirdline.eu
