ND Communications welcomed a number of clients and contacts to a special event to hear from the Managing Director of Net Defence, our parent company, and some of the specialist information security team which include former GCHQ specialists. The event focused on keeping modern day communications systems secure in a digital era and included tips for secure software, preventing cyber attack and keeping your data and staff safe as well as an update on the GDPR developments.
ND Communications is a division of Net Defence – market leader in information security for businesses, government and third sector organisations as well as high profile individuals.
The combination of protection and risk management has emerged as a significant compliance requirement for organisations in the UK as well as impacting on the value of a business. Our ND Communications team works to ensure that clients are kept aware whenever possible of emerging security trends, and guidance on best practice.
After sourcing and installing the best value communications solutions we like to keep clients safe and secure.
The audience found the session hugely beneficial and much discussion was had around these three key points, which proved to be a regularly overlooked aspect in many businesses;
- Have a security-training plan – staff training should have regular security and GDPR topics in a business’s annual training plan. Compliance requirements warrant regular staff reminder sessions as well as being robustly covered during induction. Many said existing staff were found to be being missed when it comes to this type of training, and so creating a regular team training schedule will protect your business and its staff. The fast changing nature of what communication and information security needs to navigate means that staff in many businesses are wildly out of date in knowledge and pose an easy route of access to penetrate the business through what is recognised as social engineering.
- Have a regular communications audit – many find that Bring Your Own Device solutions with team members or team members accessing company WiFi in breaks is creating a security risk to the business. Having a professional review of all communications software, devises and type of uses regularly will help enable better value solutions for your company as well as identify when a security review may be required.
- Review processes – The dawn of GDPR regulation requires a reporting period of any breach within 72 hours or penalty ensue. This under current government guidelines includes for example leaving a note book on a train, as well as IT breaches – if each member of staff does not understand and adhere to the 72 our reporting window your company could be hit with a fine. When you consider the location and shift patterns of your team you may need an out of hours a multi location solution to enable a staff member to report a breach to enable management to report this to the ICO all within the 72-hour window. This may also require extra training and culture development to ensure that staff feel confident to report mistakes which are categorised as a breach under GDPR and not hide a mistake for fear of disciplinary action – this would put the company at risk of being fined. Even more significantly outwith fines if your company is recognised as not robustly looking after customer or staff data, your reputation could also be at stake.
If you would like to attend future events with us let us know and we add you to our guest list. Our team of specialist consultants also help draft policy and delivery security training, helping you to understand secure software, preventing cyber attack and ensuring that your communications remain secure. If you would like to discuss any aspect of support for your business contact us.