Thursday 22nd November, 2018 | By Russ McKenzie

IT Security, ex-employees, fines and jail time

There have been two high-profile instances in the last couple of years where ex-employees have been unscrupulous with their previous employers’ data.

There have been two high-profile instances in the last couple of years where ex-employees have been unscrupulous with their previous employers’ data.

Mustafa Ahmet Kasim, formerly employed by Nationwide Accident Repair Services (NARS) has been jailed under the 1990 Computer Misuse Act for stealing and selling personal data in 2016. He used an ex-colleague’s login to access data held within Audatex software.

So far, the ICO has not said whether there will be action taken against NARS or Audatex.

In another instance, Andrew Skelton, who was employed as an auditor by Morrisons (the supermarket), exposed around 100,000 Morrisons employee’s details on the dark web, because of a grudge against the company.

He was jailed for eight years for fraud, unauthorised access to computer material, and disclosing personal data.

Morrisons has been sued by their employees and are fighting liability – all the way up to the Supreme Court.

These two instances of data theft happened to large organisations, but that doesn’t mean that small to medium businesses don’t face a similar threat. We rely on our employees to be honest and not abuse colleagues, customers, or us.

What steps can you take to reduce the risk of data abuse and provides a level of protection to all?

Have a policy on computer use and misuse. This includes password hygiene, email etiquette and data protection rules.Make sure everyone understands this policy.Enforce the policy.

Enforcing the policy means recording infractions and actions taken against policy infringers. This might take the form of an informal chat, a written warning or dismissal for gross misconduct.

To further demonstrate that the policy is being enforced:Control access to USB drives and mass data downloads/uploads.Disable all access to company services for any leaver as soon as possible.Reset access to sensitive accounts that leavers might have gained access to.

If you can prove that you’ve done everything you can to prevent insider abuse of personal data, this may be the difference between a ‘telling-off’ and a major fine and/or liability claim.

If you would like an independent review or your internal IT Security processes and procedures, please contact us on 03331 50 60 70 or email us.

A Little More Light Reading

What you need to know about 5G

Thursday 19th September, 2019 | By Nicola Macdonald

We shed some light on your 5G questions. When is 5G coming to my town? Will 5G help me with my poor broadband? Does 5G mean I need a new phone?

View Blog Post

4 Step Process

Our 4-steps guide you through the process
1

Get in Touch

Call, email or fill in our contact form.

2

Arrange a Meeting

We'll get together to discuss your needs.

3

Proposal

We'll prepare a comprehensive proposal.

4

Onboarding

We'll ensure your move to nTrust is seamless.

Here to Help

Remote assistance is just a phone call away