Is your business at risk of sleep-walking into a reputational time bomb?

Press release - 15 July 2011

The current phone hacking scandal is just the tip of the iceberg when it comes to keeping company information secure.

Companies need to wake up and take responsibility for information security if they want to remain profitable and protect their reputations.

Most high-profile data breaches are not caused by hackers or thieves, but by bad business processes and policies. The key to mitigating such risks is to ensure that the security of data and information is firmly aligned and embedded within the goals and objectives of an organisation, from the boardroom through to the switchboard.

Those companies that seek knowledge and put in place effective processes and robust information security frameworks, are more likely protect their assets, reduce downtimes and gain new business.

As a global leader in information security management solutions, we have put together some basic tips for you:

BSI's 5 ‘must do’s’ for information security

Recognise the importance of all information in your organisation
Strike a balance between accessibility, availability, integrity and security of your information
Assess the real risks associated with information in your business (e.g. loss of customer data during transfers; unhappy staff sharing intellectual property outside the organisation; staff opening emails and releasing viruses into the network; staff printing out confidential information and losing it or leaving it exposed to loss; access by unauthorised persons)
Know your legal obligations (e.g. data protection)
Tackle the obvious small things – locking screens when leaving the desk, displaying security passes, operating clear desk policy, passwords for mobile devices

Top 5 information security pitfalls:

Assuming the more you spend on software the safer you are.
Leaving it all to the IT department
Lack of senior management buy in
Staff awareness and competence
Believing there is nothing you can do to stop staff compromising the information either accidently, or through deliberate acts

Is your business at risk?

If so, here are some practical solutions to help you get started:

Data Protection Pocket Guide: Essential Facts at Your Fingertips - a user-friendly guide that brings to life the issues involved in data protection.
A Manager's Guide to Data Security and ISO 27001/ISO 27002 - the complete Information Security Management System toolkit (CD-ROM and book).

About BSI

BSI (British Standards Institution) is a global organization that equips businesses with the necessary solutions to turn standards of best practice into habits of excellence. Formed in 1901, BSI was the world’s first National Standards Body and a founding member of the International Organization for Standardization (ISO).

Over a century later it continues to facilitate business improvement across the globe by helping its clients drive performance, reduce risk and grow sustainably through the adoption of international management systems standards, many of which BSI originated. Famed for its marks of excellence including the instantly recognizable Kitemark^®, BSI’s influence spans multiple sectors including aerospace, construction, energy, engineering, finance, healthcare, IT and retail. With over 70,000 clients in 150 countries, BSI is an organization whose standards inspire excellence across the globe.

Find out more about BSI >