IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

ICO advises SMBs on avoiding data breaches

Data protection watchdog publishes guidance to prevent small firms falling foul of the law.

Data locked

The Information Commissioner's Office (ICO) has published a guide for SMBs to help them make their IT systems more safe and secure.

The data protection watchdog, who fines companies who lose sensitive data, hopes the guide's advice will be easy and inexpensive for small businesses to implement.

The guide's aim is to help smaller firms avoid serious data breaches, as well as the fines associated with them.

The Information Commissioner, Christopher Graham, explained: "While we recognise that the biggest organisations will have these strategies already in place, smaller enterprises often tell us that they would benefit from simple and clear advice specifically designed for them."

The 12-page guide suggests small businesses review the personal data they have and then assess the possible risks to their business.

Determining how sensitive or confidential that data is will allow them to choose the security measures that will work best for them, it is claimed.

The ICO also suggests SMBs use a "layered approach" to security by introducing a number of different techniques and tools. The idea being that, if one layer fails, others would be in place to catch the threat.

SMBs should also ensure that data is secure on devices being used away from the office, the guide advised. For instance, by encrypting these files, businesses can be assured that information will be accessed only by authorised users.

Since November 2010, the ICO has handed out penalties totalling 1.5 million to companies that failed to keep information secure.

The aim of the guide is to help smaller firms avoid serious data breaches, as well as the fines associated with them.

Mike Cherry, policy chairman of the Federation of Small Businesses, said: "It's important that the ICO have published this guidance specifically for small businesses.

"Good IT and data security should be part and parcel of good business practice and businesses should think about the simple steps that they can put in place to achieve this," he added.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

ICO crackdown on AI recruitment part of three-year vision to save businesses £100 million
data protection

ICO crackdown on AI recruitment part of three-year vision to save businesses £100 million

14 Jul 2022
29% of UK SMBs cancelled cyber insurance policies in 2021
cyber security

29% of UK SMBs cancelled cyber insurance policies in 2021

9 May 2022
Cabinet Office fined £500,000 for New Year Honours data leak
data breaches

Cabinet Office fined £500,000 for New Year Honours data leak

3 Dec 2021
ICO publishes new data protection standards for the adtech industry
data protection

ICO publishes new data protection standards for the adtech industry

25 Nov 2021

Most Popular

Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022