What is a Cyber Security Policy?All about a Cyber Security Policy:
If you own a business, it is important to have a cyber security policy. This is not only a guide and reference to be used internally with your employees, but also as a reference point to deal with any external data from customers. Your Cyber Security policy should be thought of as a moving, changing entity that will need to be updated regularly to keep up with technological advancements, and any changes within your business. What does your Cyber Security policy need to cover? Firstly no two cyber security policies will be the same. Your Cyber Security policy will be unique to your business, depending on your particular type of business, and what kind of data you deal with. The first thing you need to do is to identify the particular risks for your business. If you are an accountant for example, your focus is on how you deal with customers’ personal information, bank details, IRD number etc. Once you have worked to clarify your specific risks, you can then prepare for what to do if something goes wrong. Your IT Alliance member has knowledge of a wide variety of industries, and will be able to assist you to clarify what you need to be mindful of. Having a clear plan in place, means that everyone in your organisation knows what to do, who is responsible for what, and what processes you have in place to mitigate the risks. You will also need to create two cyber security policies. One, an internal one for employees, and the second one is a public one for customers. What needs to be included in the Policy? The below information has been taken from the Cert nz website Cert NZ suggests that you break your internal policy down into different areas. Data This should cover how you handle data safely and securely — both your business’s data and your customers’. Think about:
Systems It’s important to identify what systems you have, and which ones are critical to your work. Consider:
Security and protection Security and protection covers how your staff and customers access your systems and data. It means thinking about:
People and users You need to think about what you consider to be acceptable use of your business’s systems. How do you expect your staff and your customers to interact with them? Make sure you set expectations so they know:
Physical devices and systems When you think about protecting your business’s devices and systems, make sure you cover both:
Problems and incidents You’ll need to define what you and your team will do when things go wrong. This means creating an incident response plan to map out what you’ll do during, and after, a security incident. It can be a stressful time for both you and your staff, so it’s good to be prepared in advance. What next? The team at Decision1 are used to helping clients with their Cyber Security policies. Reach out to us here and we will be able to assist you.
0 Comments
Given the recent spate of storm events, and the weather experts saying we’re going to get more in the future, now is the time to check your IT gear is protected from weather events.
New research from NIWA (National Institute of Water and Atmospheric Research) has shown that extreme events have occurred four to five times more frequently in the last decade. Many IT technicians had call-outs from clients after the recent storms. Thunderstorms can literally fry electronics, and this causes not just replacement cost, but also work disruption and even possibly data loss. Many technicians carry surge protectors in their cars, so that whenever they are working, they can ensure that sensitive IT equipment is at least surge protected. But for clients we see less often, or who are not on a managed service agreement, it’s easy for IT devices to not be surge protected. Your staff, cleaners or others will sometimes move plugs about. Be aware that this does matter. Now is a good time to have a look at your computer equipment, or ask your IT Alliance partner to do it for you next time they are onsite. Here are our top tips to protect your IT – how do you stack up?Surge protectors A surge protector guards against the damage that sudden power surges can cause.
An uninterruptible power supply (UPS) is an electrical apparatus that provides emergency power when the mains power fails.
While surge protectors can last for years, it pays to keep a close eye on them and replace them if needed. There are so many easy things that you can do to ensure you keep good working practices either at home or in the office. Here are some top tips: 1) When to Reboot your computer: It’s a well known joke around the IT world, that support calls always begin with “have you tried rebooting?." It may seem like a frivolous joke, but there is truth to the joke for good reason. Your computer performs important updates and resets during a reboot, so rebooting regularly keeps your computer functioning at its best. Your computer should be rebooted at least once per week. A good habit is to shutdown your computer at the end of your working day. This ensures your computer is updated regularly and that your machine also gets the opportunity to completely cool down. During normal operations the internal components of your computer heat up, and most workstations are not designed to handle these high temperatures for long. They are normally designed to stay warm for 8-10 hours per day. Machines that are run for longer than that regularly often have a much shorter life, as internal components wear out quicker. To reboot your machine, press the windows icon on screen (or the windows button on your keyboard), select the power icon , then Restart . We recommend shutting down your computer at the end of each shift, following the same procedure, but selecting Shut down . 2) Installing Apps Yourself: During your working day, you may find the occasional time where you feel the need for a new application you don’t already have, to perform an additional function, or to improve on the application you currently use. New, and free, applications can be easily found on the internet, but these applications can be malicious, and it can be hard to tell which is and which isn’t. In addition, a malicious application can contain a virus or open a “back door” giving others access to your device with your knowledge. We strongly recommend that you do not install applications on your machine without first vetting the application for safety. All the software you need to perform your job would normally be provided to you from your manager, so make sure you talk to your Manager if you require additional software, so you can make a safe plan. Alternatively, you can contact Decision1 and we can help you decide if this is safe software to install. Read more below.... The POWER Trifector Solution for Document Automation
The environment in which we operate has significantly changed. Businesses in [add your location here] have been driven to embrace remote working. Every good business is constantly on the hunt for new ways to improve their efficiency, keep their costs down, and increase productivity and profit and decrease risk. What if we told you that you might be sitting on a goldmine of opportunity? Having Microsoft 365 is bit like owning a spaceship. You know what it's used for, but how to use it? Let's unpack it a bit further. Most Common Problems The most common problems we hear of through our IT Alliance network around the country are:
Making the most of Your Microsoft 365 Sharepoint and Power Automate are both free with your business Subscription. Did you know you could use them in these ways? Microsoft SharePoint – SharePoint (their free document management system) can seem overly complicated because it can offer so much. But it doesn’t need to be so scary. You can start small and use more functionality as needed or as you grow. Basically, it’s a platform that offers content management and collaboration. It helps with reducing duplicate files, gives you remote access (needed more than ever!) and allows you to work on the same document at the same time. Find out more about SharePoint here: https://ita.co.nz/sharepoint-shakedown Microsoft Power Automate is another free app that allows you to automate workflows across applications. You can use it to connect email and instant message alerts, synchronize files between applications, copy files from one service to another, collect data from one app and store it in another, and much more. Templates are available to get you started. Efficiency is key for sustained success across businesses and Power Automate assists this by simplifying workflows with the automation of repetitive tasks. Power Apps - is a low-code application development platform that integrates with Microsoft 365, Dynamics 365, Azure and more. With Power Apps, web and mobile applications can be built without writing code. Instead, you can use pre-built templates and components with drag-and-drop simplicity. Power Apps has been described as a bit like a meal delivery kit. The ingredients are pre-measured and chopped. The instructions are ready to go. All you have to do is prep and cook. Because Power Apps has advanced logic and rules built-in, development time is cut by 70%. In some cases, it takes just a few hours to build an app. Or you can customize one of the pre-built templates in just minutes. Plus, Power apps connects to hundreds of business systems and databases. Here are some impressive statistics to show how Power apps is super useful.
Real Business, Real Change Quality Food Services is the largest exporter of butter pastry in NZ. Up until a few years ago they were struggling with their documents and approvals as they were complicated and manual. They used SharePoint to create an online document management system that had version control, search features and navigation that made finding documents and using them easier. You could track your changes so that everyone was always up to speed on any project. Power Automate helped QFS to automate their business processes and approvals using tailored notifications and automated data entry, saving plenty of time and increasing the accuracy of the approval process. Power apps helped to collect information and display where everything was in the process so that the project could be managed much more easily. All of this saved them time, money and decreased their risk significantly. Where to from here? If you have a process that you are helps make your document management process a little less of a headache, speak to your I.T professional here or you are welcome to register to attend our next Empower Session here. Meet Quality Food Southland
Meet Quality Food Southland or QFS for short. What started as a humble bakery and Café in the 1900's by Annie C Miller, grew into New Zealand's leading manufacturer in butter-based bakery products and sauces. They are the largest exporter of butter pastry in NZ. Up until a few years ago they were struggling with their systems and processes. Document Management and Approvals headache! Their document management and approval systems were completely manual. This meant a LOT of paperwork, and complex filing systems as each product version had to be kept on hand. There could be many iterations which make things complicated. Their approval process was also a headache. QFS had eight different approval processes. At each stage, approval had to be signed off by three different signatories. As you can imagine there was a lot of paper, storage and wasted time, not to mention the risk of making a mistake, was really high. Aiming for Change Ideally, the team at QFS were keen to make a few improvements. Document storage and security were key. They wanted to get rid of the complex document folder structure while managing and keeping all their file changes. They wanted to replace the manual time-consuming approval process for an online version, complete with change notifications, tracked changes and approval process stage indicators. Essentially, they wanted to have the process more manageable, consistent and streamlined. Empowering QFS with Microsoft After consulting with an IT Alliance Member, the QFS team decided that the best course of action was to have these seasoned professionals cook up a nicely balanced solution using some Microsoft products called SharePoint, Power Automate, and power apps. These were all available through having Microsoft 365. SharePoint helped create an online document management system that had version control, search features and navigation that made finding documents and using them easier. It even had a check in and out function. You could track your changes so that everyone was always up to speed on any project. Power Automate helped QFS to automate their business processes and approvals using tailored notifications and automated data entry, saving plenty of time and increasing the accuracy of the approval process. Power apps helped to collect information and display where everything was in the process so that the project could be managed much more easily. The End Result QFS ended up with a very slick looking web-based system thanks to Microsoft 365 and its added products. The best part is that it is all in one place. The new system stores all documents, manages document check-in/out, maintains all version history and records document changes. It allows users to check-out a document, make the required changes then completes the document approval process from start to finish. It includes notifications to stakeholders, updates progress and document control lists throughout the process. On approval, it creates a pdf version and stores it in a duplicate SharePoint suite used by “view only” staff. The result helps their business run more efficiently, with less risk. Sounds too good to be true, right? If you are ready to empower your business with Microsoft Products like these, you can reach out to your local IT Alliance Partner for a free consultation. Click here. #1. The easiest way to get someone’s password, is to ask
Human nature is such that we don’t want to offend someone, so out of an abundance of politeness, we often say yes when we want to say no. This includes when someone asks for a password! Hackers know this, so they will just straight-up ask you for it. They do this by sending a constant stream of email, texts and phone calls asking for your password. DO NOT GIVE IT TO THEM. Any technician who is working on your equipment does not need your password. If they do, they will ask you to log in for them. Never, ever disclose your password to anyone, for any reason. This includes anyone from Decision1. The Decision1 team will NEVER ask for your password. The Decision1 technicians do not need your password to make changes to your computer. If they do require your login, they will ask you to login for them, while you are present. To read more click below Let’s be honest. Remembering passwords on top of the million other things to do in any given day is a lot. Are your teams passwords fairly similar across multiple online accounts? It’s okay, you are not the only business. Most people reuse their passwords over many different applications, and have one or two passwords only. With the increased need for security, however, there are now much better ways to protect your accounts and provide additional layers of security. Nowadays almost all online services, banks, social media, shopping have added a way for your accounts to be more secure. Here we help you to understand MFA and 2FA plus introduce you to LastPass to manage your passwords. What is MFA and 2FA? Maybe you’ve heard of the term MFA or 2FA and are slightly confused. Let us help you break what this is and why you need it. MFA = Multifactor authentication 2FA = Two factor authentication To read more click below MICROSOFT TEAMS VS ZOOM - Which one is the best for you?
Meeting anyone? Remember the good ole days when we all used to cram in to a conference room, pass around the muffins, slurp on our takeaway lattes, and talk over the top of each other? Nowadays, with the new remote way of working, video calls ARE the new “business meeting” and often the new “phone call”. Top perks of video Technology:
What is Microsoft Teams? Microsoft Teams is a communication platform included in Microsoft 365. Though Teams offers video conferencing capabilities, that’s far from its only use. The platform also includes chat and voice calling functionality and enables teams to share and edit files in real time via a shared virtual workspace. Teams is highly integrated with other products in the Microsoft suite, including Word, PowerPoint and Excel, making it a true collaboration platform. What is Zoom?Zoom is a communications platform that encompasses audio and video conferencing, chat functionality, video webinars and more. Zoom offers an entire marketplace of application integrations, including MailChimp, Zendesk, Marketo and even Microsoft Teams for additional extensibility. Though Zoom has been around since 2011, it’s seen stunning growth in 2020, increasing from 10 million daily meeting participants in December 2019 to over 300 million daily meeting participants in April 2020. To read more click below.... Cyber Insurance – Do I really need it?
Cyber Security is a very real threat to businesses in New Zealand these days. Here we look at Cyber Insurance, what it is, what the laws are and why you need it. Why do you need Cyber Insurance? Cyber attacks on businesses in New Zealand are increasing in both sophistication and frequency. High profile companies like Air New Zealand partner Travelex, Fisher & Paykel Appliances, Toll Group, Garmin, Canon, Honda, BlueScope Steel, Lion, transport giant Toll Group, Twitter, MetService and most recently even the NZX, are just some of the organisations to have been targeted by cyber criminals. However it is not just the big companies, many small businesses are also being targeted. It really is a matter of ‘when not if’. What is cyber insurance? Cyber insurance is designed to fill the gap that traditional insurance policies don’t cover, minimising the impact of cyber incidents by providing cover for your own loss and third party costs. It provides your business with a structured crisis response plan and assists with returning to ‘business as usual’. 1.Won’t my general liability policy cover cyber liability? General liability insurance covers bodily injuries and property damage resulting from your products, services or operations. Cyber insurance is often excluded from a general liability policy. It pays to check your current policies and ask questions. You may find that your other business cover won’t respond to a cyber or data breach claim. To Read more click below..... If you have less than 10 computers in your office, then this service is for you...Running a business can be a difficult task, and the last thing you need is trouble with your computer. The best way to keep your computer, and your business, running is to make sure you have three things sorted out:
GOOD COMPUTER is the service that delivers it all to businesses with small offices. GOOD COMPUTER is made for you if you are the office, or if its you and your office manager, or if your sales team is your office. If this sounds like you, then THIS SERVICE IS FOR YOU. THE MAGIC IT BUTTON Don't you wish you had a magic button that when you pressed it, all your IT problems can be solved? Now you can, with our IT icon on your taskbar, ready to help you with whatever IT problem you have. When you press this button, you are automatically taken to a website that is set up just for your company, and takes you information relevant to you. SO WHAT? Corporate businesses are well catered for when it comes to IT services, but small business has not had the same range of services available to them. Good Computer is the first service of its kind that brings you high quality IT Services at small business prices. Small business are in as much need for these services as any other business, so we have designed a service that provides all the IT services a small business needs, without the price tag. You deserve to be able to budget your IT service needs, so we have designed Good Computer with a flat fee, so you can easily add IT into your budget. CYBER SECURITY IS BUILT-IN
IT Services focused on small business that include Cyber Security Services are rare. But, securing your small business data has become more important than ever. Every week we have at least one customer who is experiencing a cyber security incident. But we can slow this down, by increasing your security measures, to prevent these incidents in the first place. If you are currently looking at cyber security insurance, you will notice that the criteria for qualifying for insurance is becoming more involved, and you may not qualify for the insurance until additional cyber security measures are put in place. Good Computer includes all the security measures (and more) to enable you to qualify for this insurance. |
AuthorVictoria Murgatroyd-McNoe has been working in the IT sector helping businesses achieve their technology goals for over 20 years. Archives
October 2022
Categories |