Halkyn Security Blog
Specialist Security & Risk Management Consultants

Posts tagged security education and awareness

Suspicious mail advice – Advice from NaCTSO

This communication regarding suspicious mail has been issued by the National Counter Terrorism Security Office (NaCTSO) and the Centre for Protection of the National Infrastructure (CPNI). Please feel free to forward it on wherever appropriate. If you would like more advice about your specific situation, what risks you might face from suspicious mail (or other […]

Governance failure costs £45,000

Telesales can be effective at promoting your business but you need good governance in place to make it work for you.

A breakdown of internal governance processes has led to the Information Commissioner’s Office (ICO) issuing a civil monetary penalty (fine) on Tameside Energy Services Ltd, a Manchester-based company claiming to offer a range of energy improvements and making heavy use of cold-call sales tactics. Showing a growing tendency to fine private companies, the ICO reported […]

Fax machines – not suitable for sensitive data

Fax Machines - out of date and insecure

It seems some technologies are hard to get rid of, and people are still using fax machines to send data despite them being slow, cumbersome, unreliable and, most importantly, insecure. As it is 2013, it should go without saying that fax machines are not an appropriate mechanism to send anything sensitive and […]

Security awareness training – value or not?

Last month (27 March), the security and cryptography expert Bruce Schneier posted an article on his blog about Security Awareness Training. Now, it should go without saying that Bruce Schneier is one of the leading lights in the IT Security world; he has written several very informative books which would always top our suggestions for […]

4 steps for schools to improve their information security

Office security checklist – Updated

As part of our ongoing drive towards improving your security, we have updated our office security checklist to make it easier to use and clearer to follow. The 2013 version of the security checklist is now available to download. The idea behind the document remains the same: this is something you can print off and […]

Bad Security – Taking Risks and Not Realising It

Another fine has been issued by the Information Commissioner’s Office (ICO) and, again, it is the result of something that could easily have been prevented if a bit of time and money had been spent in advance. On Thursday, 22 Nov 12, the ICO reported levying a £60,000 Civil Monetary Penalty (fine) on Plymouth City […]

Data Security – Fines for breaches increasing

ICO Fines Increasing for data breaches

This month has seen a major increase in the fines levied by the Information Commissioner for breaches of the Data Protection Act. Over the last 30 days, there have been over £500,000 fined in three different breaches of the act, with £415,000 of the fines being in the last 11 days. At the moment, it seems to […]

Security Awareness Training – One of the few good security metrics

Recently we discussed both the value and problems around developing security metrics as part of your organisation's overall management strategy. One of the best metrics you can generate revolves around security training and staff awareness. It vastly outweighs the value of measuring additional activities like patching within 30 days or updating AV databases. Properly […]

Personal Email + Work Activity = High Risk Situation

Almost everyone has a personal email address, to the point where you are probably more shocked to discover someone who doesn't rather than a person who has several. In recent years, as the internet has become more embedded in our daily life, this has exploded and people now access their email on their phone, tablets, […]

Protecting your employees, executives and family

Businesses are often excellent at cataloguing the importance and value of the physical assets they hold – such as product stock, machinery, company cars etc. Most are even quite good at identifying and valuing their intellectual assets – things like contact lists, patented processes and so on. Where almost every business falls down is realising the importance and value […]

How to design a password policy

Passwords are probably the most widely used authentication mechanisms available. They are, on the whole, easy to deploy, easy to explain to users and easy to manage. It is likely that every online application you interact with, from your bank, to social networking, to email, will require you to enter a password to gain access. […]

How do you measure the value of security?

For lots of people and businesses of all sizes, security is viewed as something which is an unfortunate cost that simply has to be tolerated. In effect, this gives rise to a tendency to see it as burdensome and a “spend of last resort.” Sadly, few businesses will look to invest in their security and, […]

Information Protection Policy – Template for Free Download

Almost every business, whatever its size and function, handles sensitive data. This can range from a list of your customers and their addresses, to full-blown business intelligence systems that track their trends. However you manage your customers, it is essential that you have a robust, well thought out Information Protection Policy in place. To […]
