Having a clear IT policy which is communicated to and understood by your staff is vital in maintaining your digital security. According to the Department for Business Innovation and Skills, 70% of businesses where IT policy was poorly understood suffered staff related security breaches. In businesses where a security policy was clearly understood this rate fell by 20%. With the average cost of the worst breach for an SME between £75,000 and £310,800, having a clear and reasonable IT policy is vital.
Government, along with the National Archives, has provided free training to help business be Responsible for Information. That has targeted modules for General Users, Information Asset and Information Risk Owners and Directors and Business Owners.
The government's Get Safe Online initiative has developed guidance for businesses on staff policies (including a sample Acceptable Use Policy), staff behaviour and training.
The LDSC offer a series of events that are dedicated to raising awareness about digital security and helping businesses trade securely online, these can be found in our Events section. The LDSC is also currently developing policy guidance and a service offering to help you tailor policies to your business needs and circumstances, please watch this space.