IT security: The essentials
Creating a security policy
One thing many small businesses forget to create is a policy that helps you secure the IT used in your business. By implementing a policy you will have laid out clear lines of responsibilities and will ensure you and your team protect the reputation of your business.
Creating a policy to secure your business IT
The chances are that you have been busy writing business plans and have in place a great sales and marketing process. But one thing many small businesses
forget to create is a policy that helps you secure the IT used in your business.
By implementing a policy you will have laid out clear lines of responsibilities and will ensure you and your team protect the reputation of your business.
If you follow these steps it should not take you long to build an effective IT security policy.
Objective of an IT security policy
Some very small businesses will see the creation of an IT security policy as a waste of time. For most sole traders it is not necessary to create a formal policy as you are working by yourself and can be in control of your IT systems personally. That said, there are still some tips that you will pick up from this project as they are important for all size of business.
For small businesses that employ one or two staff that use company IT equipment as part of their job a security policy can act as useful protection against bad employee behaviour and get over the claim by an employee that “they didn’t know”.
In some cases you may find your customers and/or suppliers demand that you have a security policy in place that they can review – especially if you may be formally linking into their IT systems.
The growth in social networking and online gambling sites is causing concern to many employers as these sites can be a huge distraction from day to day work. In addition access to certain sites may lead to compulsive behaviour that is beyond the remit or management skill of a small business owner.
The objective of the security policy is to:
- Set the boundaries of employee use of IT.
- Say what is deemed acceptable behaviour when using IT systems.
- Explain processes and procedures that have been implemented to protect and manage IT systems.
- Assign roles and responsibilities for staff so everyone knows their respective tasks.
- Explain what will happen if the policy is ignored or deliberately breached.
Source: Creating IT security policies
The Business IT Guide enables businesses to make the right IT decisions