Security Policy Framework Compliance Tool
As we mentioned recently, the UK Government has released an updated version of the Security Policy Framework (SPF), which details the security requirements for government agencies and departments. It also…
As we mentioned recently, the UK Government has released an updated version of the Security Policy Framework (SPF), which details the security requirements for government agencies and departments. It also…
Passwords are probably the most widely used authentication mechanisms available. They are, on the whole, easy to deploy, easy to explain to users and easy to manage. It is likely…
As previously mentioned, we have updated the SPF Compliance Checklist to make it suitable for use with Version 7 of the Security Policy Framework released a few weeks ago. The…
Another week, another Data Protection Act breach. Yesterday, the ICO reported on a former employee of an online gambling site who pleaded guilty to selling the personal data belonging to…
Earlier this week, the Justice Committee Ninth Report made the recommendation that the Information Commissioners should have the power to issue custodial sentences (prison time) for breaches of the Data…
As reported on the BBC news today, the head of the UK signals intelligence organisation - GCHQ - is concerned over the rising number of attacks on UK businesses. From…
One of the most challenging part of building security into your organisation - or even just improving your existing security - is determining how you will measure the effectiveness of…
A press release issued today by the Information Commissioner's Office indicates that (in the UK at least), more and more businesses are becoming aware of their data protection responsibilities. However,…
Having good security practices, backed up by a knowledgeable & well trained staff delivers genuine value to your business. Having this security culture embedded in your organisation to the point…
There has been a lot of press coverage over the recent incident where a cabinet office minister (Oliver Letwin) was observed throwing official documents into a public waste bin. Although…
Proper management of risk is essential to every organisation. Although frequently seen in a negative light, risk is simply an uncertainty of outcome and routinely accompanies new opportunities. Poor risk…
It is difficult for any enterprise level IT hardware supply to keep up with the trend for new, shiny, consumer devices. Most businesses have a multi-year cycle of purchasing assets,…
It is important that you understand what your current security situation is. This is the bedrock for everything else you do, however, unfortunately most organisations seem to have difficulty pinning…
Most businesses understand that security is important but, as we discussed in a previous post (How do you measure the value of Information Security?) there is a tendency for owners…
Security always fails at some point. No matter what you do, the bad guys will eventually manage to get past something. Sadly, this is inevitable. The best employee screening program…