By Daniel Flynn, Daniel Flynn IT Services
Cyber-security has featured a lot in the news in recent years, but it’s easy to still view it as quite a distant problem. We hear about politicians, celebrities and huge multinational businesses and corporations becoming victims, with huge public embarrassment and financial loses. However, in hindsight these all seem like obvious targets for cyber criminals, with obvious rewards for the criminals responsible. Why should a shop, charity or farm in Tipperary have to worry about the same issues themselves?
Firstly, there is the financial concern. So many people use internet and mobile banking these days, and if they are doing it from an unsecured computer or mobile device, it is a rich target for a criminal. If you don’t have a reputable anti-virus program installed on your computer, you shouldn’t even consider accessing something as sensitive as your bank account. The same concerns should be considered for mobile devices. Have you ever walked into a hotel or restaurant, seen that they have free WiFi without a password, and connected your phone, tablet or laptop up to it? You are at that point connected to a completely unsecured network, and anything you do is vulnerable to being spied upon by a criminal accessing the same network. I would never recommend accessing sensitive information wirelessly unless it is on an encrypted (password protected) connection that you know you can trust.
Secondly, the information that you possess may be more important than you realise. Even if you simply have a single Word or Excel document that lists your customers or suppliers, you have a serious legal responsibility to keep this list protected. You don’t even have to have sensitive financial information such as credit card details for this legal responsibility to apply. Merely keeping a record of a customer’s address, telephone number or email address is a serious responsibility. Failing to take this responsibility seriously can lead to prosecution. This applies to paper records as well as digital records, but for paper records you are considered to have acted responsibly so long as you keep them on private property, or in a locked filing cabinet. If someone smashes a window or picks a lock, you are unlikely to be held responsible if they steal information belonging to one of your clients. However, if you left a file on a table in a cafe, or on a windowsill next to an open window, you may be legally liable if this information is stolen and misused.
The same logic applies to the online world. If you store customer data on a password protected computer that is well maintained and has anti-virus software installed, you are unlikely to be in legal trouble if someone gets around those security measures and steals private data. However, if a theft occurs because a computer was freely available to anyone, or did not have adequate security software installed, any kind of business or charity could find themselves in serious trouble. More and more legislation is being passed to force businesses to take responsibility for their customers’ data, both in Ireland and in the EU. We are all clients ourselves, so it is great to know that our telephone or internet providers are being threatened with legal action if they do not protect our personal information. However, we should never forget that the same rules apply to everyone, including small businesses and the self-employed. If you hold any information about your customers, it is up to you to make sure it is safe.
Daniel Flynn IT Services can help you achieve this in a variety of ways. You do not have to go to incredible lengths, or spend crazy amounts of money to protect yourself from liability. To seek advice, or to arrange a full IT Security Audit, please don’t hesitate to get in touch today. For regular tips and updates, you may also follow our Facebook page.