Story image

ICT safety & security

01 Nov 2010

Like schools and home, businesses and community organisations need to establish safe internet environments. Every organisation that uses basic tools like the internet and mobile phones needs to have a robust cybersafety framework in place. If your employees accidentally come across inappropriate material in the workplace or are aware of a breach in ICT security, do they know what to do? Do they even know what counts as a breach? Who should they tell about it?
Breaches can happen in any number of ways.  People can accidentally compromise ICT security.  Employees can unwittingly aid cyber criminals to reach your networks by bringing in their personal IT equipment which could be infected with malware. Having a policy in place for your employees ensures everyone is using their ICT equipment for the benefit of the company, and that the inevitable risks are minimised.
What is a breach?
A breach in ICT safety and security is any technology-based event that might damage your company. It might be as simple as employees wasting time surfing the net, or as complex as the theft of sensitive data through malware. 
Malware has evolved from the self-reproducing viruses made to crash computers in the ‘80s, into the highly technical tools used by gangs of cyber criminals to steal passwords, credit card details and identities of today. 
With appropriate internet security systems and policies, employers can avoid malware affecting their networks.
Malware can be brought into company networks with employees’ personal IT equipment – laptops that are used both at home and at work, USB sticks and mp3 players, email attachments and social networking websites. Recent research suggests that three-quarters of data breaches are generated by internal sources. 
What’s the threat?
It could be argued that staff members are a bigger threat to company IT networks than cyber criminals. On top of access to passwords and administrator privileges, employees usually know what is worth looking for and sharing with competitors. By making sure your networks are secure and ensuring all your employees have an understanding of ICT policies and procedures, you are lessening the chances of a data security breach both internally and externally.
What should SMEs do?
First and foremost, having an IT policy is recommended by all internet security experts. The Whatsit? is a useful guide to creating your own personalised policy. As with other safety policies and procedures, such a document can help protect your staff and your clients from harm.
Companies from a two-person start-up to big corporations with IT departments should all have IT security policies in place. This will assist in helping staff identify security breaches and understand what to do when they come across one. Any ICT safety or security breaches should be reported and recorded; this is essential in tracing the source of the breach and ensuring it won’t be repeated.  Keeping a cyber security log in the same way that first aid reports are kept is an easy way of tracking ICT security issues.
There are two main aspects to implementing an effective cybersafety framework:


  • Establishing a safe internet workplace environment for your employees

  • Educating staff about their role in the maintenance of a safe cyber environment.


An IT policy should be specific to your organisation’s requirements.
Resources
www.thewhatsit.org.nz – a toolkit to help employers create an IT policy specific to their organisation’s requirement. It defines obligations, responsibilities, and the nature of possible consequences associated with breaches and behaviour deemed to undermine the safety and professionalism of the work environment. There are units for staff to complete, and you can create your own IT policy for staff to sign.
www.theorb.org.nz – a cybercrime-fighting website designed to streamline all of New Zealand’s cybercrime complaints and then direct them to the responsible agency. 

Security flaw in Xiaomi electric scooters could have deadly consequences
An attacker could target a rider, and then cause the scooter to suddenly brake or accelerate.
Four ways the technology landscape will change in 2019
Until now, organisations have only spoken about innovative technologies somewhat theoretically. This has left people without a solid understanding of how they will ultimately manifest in our work and personal lives.
IDC: Top 10 trends for NZ’s digital transformation
The CDO title is declining, 40% of us will be working with bots, the Net Promoter Score will be key to success, and more.
Kiwi partner named in HubSpot’s global top five
Hype & Dexter is an Auckland-based agency that specialises in providing organisations with marketing automation solutions.
Moustache Republic expands Aussie presence with new exec
The Kiwi digital commerce partner has appointed a Sydney-based director to oversee the expansion of the company’s Australian footprint.
Epson’s new EcoTank range with two years printing per tank
With 11 new EcoTank printers that give an average user two years of printing and cost just $17.99/colour to refill, Epson is ready to change the game.
Te reo Māori goes global via language app called Drops
If you’re keen to learn a few words of Māori – or as much as 90% of the language, you may want to check out an Android and iOS app called Drops.
Reckon Group announces a steady profit in 2018
Reckon continued its investment in growth throughout the year with a development spend of $14.3 million.