Category

GDPR

Why you need to tighten up your IT security

By | Cyber Security, GDPR, IT Support
IT security GDPR fines

It is second nature for us to make sure our cars, offices and homes are locked up, with windows and doors closed so intruders  cannot gain access to our belongings.

So why  don’t we treat our IT security with the same level of caution? With the GDPR now in place, the importance and necessity of securing all personal data is a must.

However, with 44% of businesses stating last year that they don’t view strong security as a priority can you really say your data is secure? Do you trust your business and the businesses you work with to protect your data and make sure their IT security is up to standard?

At TecSec Services Ltd, we believe IT…… Read on

70% of businesses are still behind on the GDPR

By | Cyber Security, Data Protection, GDPR
comply with GDPR

Believe it or not, it’s been almost five months since the GDPR came into force.
International statistics suggest that 70% of businesses are unable to address individuals’ requests for copies of their personal data – a core element of Articles 15 and 20 of the regulation. Many other companies said they had struggled to get their policies and procedures up to scratch and admitted they were adopting a ‘head in the sand’ approach.

As of September 2018, the Information Commissioners Office (ICO) was yet to prosecute any non-compliant organisation. But that doesn’t mean they’re not going to, and it’s expected that those falling behind will be identified in the very near future.

It seems that a lot of businesses don’t want to draw attention to the fact that they weren’t compliant with the GDPR when it came into force on 25 May. Instead, they are taking no action and remaining non-compliant.

There are two points that we really want to stress here:
1) Admitting that you aren’t currently compliant will not, in itself, result in a fine or you being reported to the ICO. This would only happen if a breach has occurred since the 25 May 2018 which is reported to the ICO.
2) Remaining non-compliant simply isn’t an option. The GDPR is law, therefore, if you don’t comply, you are breaking the law.

We have recently been talking to many companies in and around the Sheffield City Region who have reached out for help, acknowledging that running the risk of non-compliance simply isn’t worth it.

Don’t be afraid to ask for help. It isn’t too late and within just a few days, we could get your organisation compliant with all your data security requirements.

TecSec is an IASME certified body with the GDPR gold standard, and we are also an IASME Certification Body. This means we can work with clients to bring you in line with the IASME standard, and compliant with the GDPR – helping you to avoid a hefty fine should you be found to breach the regulation.
To put your business’ data security in the safest hands, just get in touch with us today.

You could be one click away from disaster

By | Cyber Security, GDPR
phishing

Do you know what phishing really means? How it happens, what the consequences can be, and more importantly, how to prevent it happening?

At its simplest, it’s a hacker sending you an email, pretending to be someone else. Perhaps a supplier sending an invoice, or even an email from a customer. Someone in your business (maybe even you) clicks on a link in the email, genuinely not meaning to do any harm. That’s it, just like that, the hacker gets access to their computer. And often from there they will spread malware into other parts of your IT system.

At TecSec we see this a lot and it’s worrying how effective hackers can be. We often hear that business owners believe their staff will never fall for such a thing. In our experience, the smartest most reliable people are the ones most likely to fall for it.

Our brand-new guide will show you how to protect your business. We hope you’ll find it easy to digest and understand, with some simple steps you can implement straight away. Just click on this link to download your copy.

If you would like to speak to a trusted IT professional about protecting your company from phishing attacks, just get in touch with us.

Is working on your commute worth the risk?

By | Cyber Security, Data Protection, GDPR
Commuting risk

The BBC recently featured an article querying whether commuters should be paid for the extra work they complete whilst travelling.

Whilst we applaud people’s dedication to their jobs, from an IT security perspective, they are posing a risk to their company by working outside of the secure office environment.

If you’re using an un-secure connection to visit websites that don’t have an SSL certificate (meaning their website is read as ‘not secure’ by your web browser), it could result in your login details being intercepted using packet sniffing.

What is packet sniffing? Continue reading…

Hackers accessed 10 million records in Dixon’s Carphone breach

By | Cyber Security, Data Protection, GDPR
Dixons breach

Last month Dixon’s Carphone revealed that the huge data breach it suffered in 2017 was far worse than estimated with approximately 10 million personal data records accessed by hackers, rather than the 1.2 million records originally reported.

The personal records of 10 million customers have been accessed by hackers. These records include details such as names, addresses, phone numbers, dates of birth and email addresses. And, whilst Curry’s PC World states in the email that it has “no confirmed instances of customers falling victim to fraud as a result” this doesn’t mean that customers aren’t at risk. What are the hackers doing with this data?

What can you do to avoid falling foul of a scam? Read on…..

Facebook’s mistakes and what your business can learn from them

By | Cyber Security, Data Protection, GDPR, Risk Management
Facebook mistakes

Facebook’s mistakes.

It wasn’t so long ago that Mark Zuckerberg was the poster boy for online entrepreneurs.

Facebook changed the way we connect with people forever, and he started it all from his bedroom when he was still just a teenager. Then, the Cambridge Analytica scandal broke, and suddenly Facebook’s founder had fallen from grace.

Billions of Facebook users became worried about the darker side of the social network. Whilst trust in the platform plummeted, Google searches for ‘How to delete a Facebook account’ climbed.

Continue reading……..

TecSec Services Ltd are now IASME Gold certified

By | Cyber Security, Data Protection, GDPR
IASME Qualification

TecSec have achieved IASME Gold certification which covers Cyber Essentials, IASME Governance and GDPR requirements.

They are ramping up Cyber security in Sheffield City Region after becoming the region’s first Certification Body for the prestigious IASME standard for cyber security, complete with the GDPR gold standard.

Read our article to find out how this will affect your business.

How would your firm handle a phishing attack?

By | Cyber Security, Disaster Recovery, GDPR
phishing

The BBC published an article on Tuesday about the aftermath of a successful Phishing attack where the user had granted the malware access by logging into a fake login. The article then details the process inside the company of handling a breach and the procedure they need to follow. However, this team clearly aren’t as prepared as they should be.

At TecSec, we believe in being pro-active which is why we advise you to read our article on “How a Phishing attack progresses” and the red flags to help you identify the phishing email for what it is, a scam.

Under GDPR a phishing attack now must be reported to the ICO as a breach, if the user clicks the link or downloads a file. Depending on the technical and business measures in place, the business is at risk of being fined.

Remember the GDPR, Sheffield?

By | Cyber Security, GDPR, Risk Profile
GDPR sheffield Risk profile

Remember when GDPR were the four letters on everybody’s lips? We’ve had a World Cup, holidays and a heatwave since then, so you wouldn’t be blamed for putting the GDPR to the back of your mind. The thing is, the GDPR (General Data Protection Regulation) is still a big deal. It’s the law, and non-compliance could result in a hefty fine for your business.

Can you demonstrate compliance? Do you have an Information Security Management System in place? If the answer is no, you are at risk.

Do not panic, let us help you. TecSec is the only IT security support company to become an IASME certified body with GDPR in Sheffield City Region. This means we are your best placed local company to help you reach government recommended standards of compliance.

Let us carry out a free GDPR & risk profile to identify the current weaknesses in your systems.

We will visit your work address and run through a series of questions that will help us to assess your current approach to risk and data protection. We will then report back to you any weak spots in GDPR compliance, making recommendations and highlighting serious areas of concern.

We have a limited number of bookings available so please get in touch today to secure yours.