PLEASE DON’T GIVE EVERYONE ACCESS TO EVERYTHING

With so many potential vulnerabilities in every business IT system, there is no “silver bullet” - no single safety measure that will let you sit back and relax, knowing your IT is safe and data is secure. 

Most of the risks are ongoing and constantly changing. They need an active approach to stop your business falling victim to a data breach or malicious cyber-attack. 

It would take a lot more space than is available in this newsletter to talk about all the risks you face. 

So instead, we can talk about one of the most important things you can do to stay safe. 

MAKE SURE YOUR TEAM ONLY HAS ACCESS TO THE DATA IT NEEDS 

Keep an eye on who has access to what, and whether they need it.  

The more people have access to sensitive data, the more potential routes there are for the wrong people to get access to it.  

If you give everybody access to everything, all it will take is for one account to become compromised. And before you know it criminals armed with malware will have access to your systems.  

Just as important as this is how you manage the IT accounts of people who leave the business or change jobs internally. For example, if an employee switches from accounting to a management job in a completely different part of the business, they probably won’t need to keep access to all the data they needed for their last role.  

Failing to adjust permissions only adds to your level of risk. When people leave your business, you must immediately restrict their access to your systems and data. Implement appropriate policies and processes to reduce the risk of something slipping through the net.