A recent government report showed that fewer UK businesses suffered a cyber security attack in the year to April 2019. According to the Department for Digital, Culture, Media and Sport survey, 32% of businesses identified such an attack, down from 43% the year before. Of course, many UK organisations had made changes to cyber security systems to prepare for the General Data Protection Regulation (GDPR). But the report also showed that businesses suffering attacks and breaches were targeted multiple times. And where any breach resulted in a loss of data or assets, the average cost associated had also risen.
Together with last week’s news about spyware on WhatsApp, it’s a reminder that organisations must take cyber security seriously. In our interconnected world, cyber-attacks, malware and computer viruses are all too frequent. For organisations handling personal data, it’s therefore all the more important to make sure they have robust IT systems in place. We thought we’d take the opportunity to look at some of the steps which UK-based organisations can take.
Back up, update, be vigilant
Step number one to enhancing cyber security is to back up your data. If you have a backup you can reboot your system to a point before a virus attack. The more frequently you backup, the less data you’ll lose by restoring to an earlier point. Your backup should be stored away from your principal system. If you don’t have a backup and have been infected by ransomware or another virus, you should stop using the system. Contact your IT provider, as they may still be able to recover some data. But act quickly – the longer you continue using your system, the more it reduces the chances of data recovery.
As well as backups, ensure you have the latest security updates for your operating system. Install and update high-quality malware and anti-virus protection to get the latest cyber security tools. It’s important to make sure that you’re using the latest version of apps too. It’s also vital to be particularly careful about opening email links and downloading files. Remember that emails from business associates, friends and family might also be infected.
Cloud data storage ensures cyber security
CAS can provide a solution to IT system vulnerabilities. CAS-Cloud and document storage is the ultimate off-site backup. CAS-Cloud allows clients to store physical documents at our facilities, and work with digital copies via our secure online portal. CAS-Cloud runs on a bank of dedicated high-grade servers in a secure server room at CAS HQ. By defining user access and introducing multi-layered file permissions, we record any activity performed on data stored in CAS-Cloud. The comprehensive audit trail remains for the life of the material.
We continually strive for the highest levels of cyber security. CAS’s fully accredited IT services and support partner, Promentum Ltd, routinely undertakes full scans of our network. They operate in accordance with ISO/IEC 27001 compliance. They use GFI LanGuardTM, the predominant network security scanning tool, which can remedy vulnerabilities and install missing patches on networks.
Meanwhile, CAS servers run on an uninterrupted power supply, and are backed up daily using advanced Quantum RDX Data Tape. Each day, we swap cartridges over and secure the tape in a Turtle RDX 10 padlocked case. We then remove this waterproof and double-walled case to another building within our secure gated compound. We place the case in a securely locked Profile NT Fire 017 fire-resistant cabinet.
Physical security further protects data
As well as cyber security, we take pride in our high levels of physical security too. We monitor the secure gated perimeter using CCTV M12 Mobotix recording cameras, to ensure 24/7 record of any activity. Video and audio records are backed up off-site. We’ve fitted the storage facilities throughout with an optical fire beam protection system and air quality monitoring. Redcare security alarms are linked directly to police and fire brigade. And all staff members have signed confidentiality agreements, and have been checked through the Disclosure and Barring Service (DBS).
We take all these steps to ensure that our services are compliant with GDPR. But we can also point you in the direction of help to boost your internal security systems. The National Cyber Security Centre (https://www.ncsc.gov.uk/) publishes guidance and regular updates on a wide range of cyber security topics. Meanwhile, the Information Commissioner’s Office (https://ico.org.uk/) outlines the systems you should have in place to meet data protection requirements.
If you’re looking for a digital document storage solution to increase your organisation’s cyber security, contact one of our team today.
- Email: [email protected]
- Call: 0845 50 50 003
About CAS cyber security
CAS provides comprehensive and secure legal sector document storage, scan on demand, and facilities management services. For more than 20 years, CAS has worked with NHS Trusts, Financial Services providers, and corporate and private clients. Our head office is just four miles from the City of London, supported by our advanced storage centres across the UK. CAS has an impressive array of international certifications (ISOs). These prove our compliance with the strictest national, European and international laws. They also demonstrate our commitment to provide innovative systems on security, confidentiality and quality control.