
Top 10 Online Security Strategies for Your Business

Is keeping your business secure online one of your resolutions for the New Year?

1 week into 2022, and we’re all looking for things to get us through the colder months.

It’s a time of resolutions, new challenges, and new goals. However, it’s just as important to reflect on what you should continue to work on from 2021.

Did you know that the first half of 2021 saw 94% of malware distributed in phishing emails? With high numbers of people working remotely and online this year, cybersecurity needs to be a central focus for the new year.

To show our ongoing commitment to information security, id have once again been recertified with the ISO 27001 accreditation, proving that cyber security is a key focus for us at id. To qualify, id proved that they could not just prevent but defend against potential data system vulnerabilities. The principles of ISO 27001 are:

  • Defining and maintaining a security policy
  • Defining the scope of the Information Security Management System
  • Conducting a risk assessment
  • Managing identified risks
  • Selecting control objectives and controls to implement
  • Preparing a statement of applicability

The certification involves 114 specific security measures, which you can read more about on the QMS website here.

To celebrate our reaccreditation, we’re helping you to keep your business secure online in 2022 with these top 10 tips.

Top 10 tips for keeping your business secure online

Use passphrases rather than passwords

Predictable passwords are the easiest way for hackers to gain access to important files and information. Even worse, reusing passwords can give hackers extensive access to your details in a matter of minutes. Instead of a password, use multiple words to form a passphrase. Passphrases are a much more secure mechanism than passwords. If remembering passwords, let alone passphrases, is a struggle for you, our next tip will help.

Utilise secure passphrase / password sharing software

Keeping track of passphrases / passwords is a nightmare. Numerous accounts, as well as both personal and work logins, can involve many notes, spreadsheets, and email password reminders. Tools like LastPass allow you to securely store all of your passphrases / passwords in one place. Even better, you can share login details to give access to accounts without exchanging the password itself. It’s also extremely useful for remembering login details, and it auto-fills your email and passphrase / password for you – secure and useful!

Install Anti-Virus and Firewall Software

Whilst standard devices come automatically installed with Anti-Virus software, this is rarely enough to keep your business secure online. Firewalls are a more robust method of protection as they act as a gatekeeper between your computer and the internet. Firewalls form a first line of defence, and we recommend outsourcing your cyber security through an IT provider to ensure the highest levels of protection.

As part of our ISO 27001 certification, id ensures we meet the highest level of cyber security internally and for our clients. Our Mercury Intranet solution boasts the highest levels of online security as part of its collaborative platform. If a secure digital transformation is part of your 2022 plan,

Update physical servers regularly

Security updates are a key focus for securing a company’s hardware. Sites without the latest software aren’t protected against the latest vulnerabilities, and these sites are the most likely to be targeted by hackers. You should download the latest version of your server’s security software as soon as possible to protect yourself and your business from a security attack.

Store sensitive data in a private managed cloud account

Making use of a managed private cloud account allows you to store sensitive data in a digital account as a backup. Meanwhile, employees are granted access to this information and data when needed. Passwords are required for access, and data is encrypted, providing multiple layers of security for your business.

Limit access to files for former employees and partners

It is essential that you keep on top of who has access to information within your business. Utilising a cloud system makes it easy to disconnect former employees. If you share information over email or other methods, it is important that you invalidate the computer access of people no longer working in your business to prevent misuse of information. A simple system for this is requiring passwords for access, which you can then change as your team and any partners or vendors move on.

Ensure financial transactions are encrypted

This is only relevant to organisations that carry out transactions online. It is a requirement of Credit Card companies that suppliers protect customer data. Keeping your business secure online also includes keeping people who interact with your business online secure. You, or an outsourced IT company, can install encryption software, or you can make use of established payment processing companies, such as PayPal.

Make use of a VPN (Virtual Private Network)

All wireless networks are vulnerable to attacks, and with the increase in remote working, it is now more of a risk than ever as employees are spread across the world and utilising numerous networks. VPNs encrypt your data, and effectively hide your online footprint. This means you can safely exchange information on whichever Wi-Fi network you or your employees are using.

Backup your important data

No matter what size your business is, it is essential that all your important data is backed up so that your business can continue to run following the impact of a flood, fire, physical damage or theft. Moreover, it allows you to respond and recover quickly should you be subject to a cybersecurity attack.

Your website data, CRM / email list and other essential data and documents can easily be downloaded as a CSV from the platform, or as files on a hard drive, which should only be available to authorised personnel. You can also make use of cloud storage, meaning your data is kept physically separate from your computer.

Use two factor authentication where possible

The final, and arguably the easiest, tip to increase your business security is to utilise two factor authentication. Your website, email and document access can easily be set up to require two factor authentication, making it increasingly difficult for hackers to access your data and business information.

Cyber security should be at the forefront of any business’s plans for 2022, and if keeping your business secure online isn’t something you feel confident in achieving this year,

If you would like to check the validity of our ISO 27001 certification (Certificate Number 288302018) or find out more about the ISO 27001 principles we follow, then please get in touch today as we would be delighted to speak with you.



Intelligent Decisioning achieve ISO 9001 & ISO 27001

ID are constantly developing, and quality management and cyber security certifications are something worth shouting about!

What is ISO 9001?

ISO 9001 is the international Standard for quality management. Businesses that are certified commit to consistent quality and customer satisfaction. The certification can also help a company to expand their client base and open up more opportunities. 

What is required to become ISO 9001 certified?

“Intelligent Decisioning Ltd. already had a lot of requirements needed for ISO 9001 in place as they had already achieved certification in ISO 27001, the Standard for information security management. Meeting the requirements for ISO 9001 was therefore a breeze for them. 

Internal Information security and quality awareness are gained through training, company culture, values and strong internal processes and policies, all of which support the organisation for further success and improvement. Intelligent Decisioning Ltd. implemented all of these processes and are now set to continue to strive to satisfy their customers.”

Karen Knaggs, QMS UK

As well as gaining first time accreditation for ISO 9001, we were recently reaccredited for ISO 27001 (Information Security).

What is ISO 27001?

ISO 27001 is recognised worldwide as the standard for information security management.  

How did we achieve ISO 27001?

ID demonstrated that we meet the high standards set by the International Organisation for Standardisation (ISO) through our achievement of the ISO 27001 cyber security certification.

To qualify, we proved that we could not only prevent but defend against potential data system vulnerabilities. This was achieved through a comprehensive suite of information security controls.  

An annual audit, carried out by an external third party, ensures these systems continue to meet the stringent requirements set out in the ISO 27001 standard.  

We also recertified as a Cyber Essentials organisation to further strengthen our position as an organisation that prioritises the security of information.

A word from our Managing Director

 “We are planning to use our accreditations to provide our customers with increased reliability and security of our systems and information, improve customer and business partner confidence, increase our business resilience and align more closely with customer requirements.”  

“Intelligent Decisioning Ltd are committed to quality management and keeping customer data safe. Achieving ISO 9001 and 27001 has allowed Intelligent Decisioning Ltd to successfully tender for a number of opportunities that would otherwise have been out of scope”   

Managing Director, Andy Smith

Get in touch to find out more about the ISO 9001 / 27001 principles that we follow; we would be delighted to speak with you.

If you would like to check our certificates, then visit http://www.qmsuk.com/verification and use Certificate Numbers 377602021 and 288302018.

Email: info@id-live.com 

Telephone: 0845 643 9726