Cyber security – Managing the risk

For cyber risk to be adequately addressed, cyber security strategies should be secure, vigilant and resilient. Identifying the risks is a good place to begin.

Workplace Risks

  • Sensitive information on the walls and left uncovered on desks
  • Sharing passwords/passwords kept in easy to find places
  • Unlocked computers

Home Risks

  • Document disposal is not secure
  • Unsecure networks
  • People overhearing discussions or viewing sensitive information
  • Documents left lying around
  • Burglary
  • Use of personal social media accounts may create a risk

On The Move Risks

  • Discussing sensitive information in public areas
  • Your security pass is easily accessible/visible to the public
  • Equipment is left unattended even for a brief moment
  • Sensitive documents are in clear view of onlookers

Get Technical – protect company equipment:

Malware protection: install anti-virus solutions on all systems. Consider restricting access to inappropriate websites to lessen the risk of exposure, and consider creating a policy governing when and how security updates should be installed.

Network security: increase protection of your networks, including wireless networks.

Secure configuration: maintain an inventory of all IT equipment and software.

Managing user privileges: restrict employees and third-party access to IT equipment, IT systems and information to the minimum required.

Home and mobile working, including use of personal devices for work: ensure that sensitive data is encrypted when stored or transmitted online so it can only be accessed by authorised users.

Removable media: restrict the use of removable media such as USB drives and protect any data stored on such media to prevent data being lost and malware from being installed.

Monitoring: monitor use of all equipment and IT systems, collect activity logs, and ensure that you have the capability to identify any unauthorised or malicious activity.

Ensure the correct policies covering home working and remote working are rolled out to employees. These policies will detail how the employee is responsible for mitigating the risks when working from home or on the move.

Training can also be rolled out to educate employees on the risks, the signs of potential breaches and how to mitigate these, for example how to conduct their business when working in exposed public places.

Make sure HR work closely with IT to incorporate appropriate IT training and schedule regular IT ‘check ups’ for employees’ workplace devices.

We hope you enjoyed our article. Look out for tomorrow’s blog: “Cyber security – How HR can help”

Get in touch and let HR Revolution run through a GDPR audit to see where and how quickly changes can be implemented.

Call +44 203 538 5311, email hello@hrrevolution.co.uk or visit www.hrrevolution.co.uk, where our expert CIPD HR professionals are waiting to help you with any questions you may have.

HR Revolution; supporting you, your employees AND your business.
