Author: Anne Carragher

Last night saw the official launch of the newly established South Armagh Business Improvement Group at Killeavy Castle where guest speakers on the night included Finance Minister Conor Murphy and Tony McKeown (CEO of Newry Chamber).

At the launch, John Nealon, Chairman of #SABIG outlined the groups principal objectives which are to have more people working in, living in, shopping in, spending leisure time in, and visiting South Armagh.

Our mission is to connect businesses across the region to encourage collaboration; promote a positive image; and to represent the area with key stakeholders to deliver significant projects and investment.

Through the development of the retail, leisure, hospitality, services and manufacturing sectors, we believe South Armagh will achieve sustainable economic development, growth, jobs and wealth in the short, medium and long term.

If you are a business in the following areas, and would like to gain further insight into our group or wish to register your support, please do so by sending a direct message and we’ll get back to you as soon as possible.

Belleeks, Bessbrook, Camlough, Creggan, Crossmaglen, Cullaville, Cullyhanna, Dromintee, Forkhill, Jonesborough, Lissummon, Meigh, Mullaghawn, Newtownhamilton, Poyntzpass, Whitecross and Silverbridge.

#SABIG

The organising committee would once again like to thank all those local businesses who attended the launch night and offered their support as well as local politicians Pete Byrne, Justin McNulty MLA, Aoife Finnegan and Oonagh Magennis.

Specifically designed for the SME sector, we provide a Managed Cyber Security e-learning cloud-based platform that educates and evaluates staff on cyber awareness, which includes running phishing simulation attacks. The key benefits of our service is that we help:

Ensure your staff continually achieve High Levels of Security Awareness

• A new 15 minutes Security and Compliance Course every Month
• Certificates upon completion
• Users own portal login

Reduce the risk of malicious email

• Ensuring that spurious emails that slip through your existing IT screening infrastructure are not clicked on or accessed by staff
• Implement the Phishing simulation campaign (with quarterly business Reports)
• 3 minute “Golden Nugget” training (at time of error for users to learn – there and then!)

Save YOU time and money by managing the entire process

• All within a GDPR compliant Processors Agreement
• Generated reports to monitor compliance
• The simulated Email and SMS phishing platform was the first company to achieve GCHQ accredited security awareness training by the Chartered Institute of Information Security

We deliver the only behaviour-driven security awareness platform that delivers ‘Real Time’ training to staff!

Our pricing packages are clear, based on a per email/user per month basis, charged monthly and will provide you with peace of mind.

We are giving a 10% “Early Bird” Discount on all prices until the 30th November 2020

Introduction

Luke Irwin^[1] wrote and interesting article in 2017, with the central point being “whenever an organisation creates a new way of accessing its data, it puts that data at greater risk. Remote working intensifies that risk as it can be hard for the employee and the organisation to know when the data is breached, and it will be even harder to identify how it happened.” So, in a nutshell remote access increases the risk of Data Loss.

To mitigate this risk we would advise clients to ensure the following matters are in place prior to rolling out remote access. Please note this advice regards the use of Laptops/desktops in the home, and does not give any guidance on the use of mobile smart phones and tablets and the advice below is not exhaustive. And as always when it come to IT talk to an IT expert.

Areas for consideration

1. Device and Network Security

Laptops and desktops should be:

• Provided by your chosen IT provider
• Have hard drive encryption in place and active
• Login details should include a strong password
• Require that employees use a non-stored password to connect during each session, especially for VPN access.
• Devices should have up to date software, anti-virus and malware installed
• Don’t allow family members to use your work devices. Under no circumstance should laptops or desktops used for remote working be used by the wider household – no matter how many time the kids ask!!

Always use a secure network connection and secure VPN when working from home – Your IT service provider should be able to advise

Never use public wifi or unsecure network

2. Email and software

Areas that may be considered in relation to email and software include:

• Logging on and using email should be arranged by your service provider. Two factor authentication needs to be in place. Previous guidelines regarding passwording attachments and deleting old emails should be adhered to.
• Enforce reasonable session time-outs for sensitive programs or applications.
• Limit program/file access to only the areas absolutely needed by that employee.
• Reserve the right to terminate employee access at any moment.
• Provide the software and storage services for remote file storage and other tasks; don’t rely on individuals to use their personal programs and accounts. ^[2]

3. Information Management

Some considerations under this heading include:

• Clear guidelines around what information should never leave a secure environment, ie printing off of financial information
• Get your service provider to establish access permissions that support these guidelines.
• Save material to where the organisation advises ie Onedrive, A secure Dropbox etc.
• DO NOT USE USBs
• Have Clear backup procedures for material saved locally. (I am assuming that adequate backups and restore is sorted for the organisations data/systems)

4. Clean desk policy

When working from home, staff will have information that pertains to your organisation around people that are not company employees. There are obvious challenges to this with regard to Remote workers but ensuring that information is kept secure is of high importance. Some simple (low tech) measures may include:

• Try an have a space or office away from the kitchen table
• Do not work or access your organisations data while there is someone else in the room – remember the confidentiality of the Personal Data
• No written material should be left unattended – even for a cup of tea!
• Logout if you are leaving the laptop or desktop unattended – seemingly cats have a habit of jumping on computer keyboards and might press a few keys when a laptop is unattended!^[1]
• Adhere to a clean desk policy.
• Use locked drawers
• Have paper securely shredded

5. Policy Awareness

Your organization must have clear and practical policies that stress the importance of data protection. One such policy should address the need always to use a secure network connection when working from home. Every worker should have easy access to a written security policy that explains the responsibilities of employees and clearly states what they are and are not allowed to do regarding data—and all workers should verify that they have read and understood the policy. Staff members using remote access should be reminded that all organisational policies apply, such as:

• Data Protection
• IT security
• Clean desk
• Access to data
• Passwording of emails

Finally, a way to achieve data protection compliance for those working remotely, is for organisation to adequately and consistently express the importance of data security.

For those considering Remote Working,

we are also offering a Residential Shredding to reduce risk of Data Breach – Contact 042 9749515 or email: info@m1shred.com

[1] https://www.itgovernance.eu/blog/en/gdpr-the-implications-of-working-from-home-or-on-the-road

[2] https://www.businessnewsdaily.com/9372-secure-home-office.html

[3] https://minutehack.com/guides/10-security-tips-for-remote-and-mobile-working

PRESS RELEASE

A specialist Data Protection consultancy company and a local Human Resource (HR) management firm, have teamed up to provide a unique service offering to Companies and Organisations a “One-Stop-Compliance-Shop”.  Data Protection Training & Auditing Services and Hands-On HR will help companies be compliant with current legislation in the areas of:  Data Protection and the GDPR; Human Resources and Health & Safety.

“We are very excited with this partnership” said Eugene Grant, Principal Consultant of Hands-On HR.  “It’s clear that small to medium sized organisations are looking for an affordable compliance partner to ensure there are on the right side of any legislative or regulatory in terms of their client and staff data and legal obligations.  Through this partnership, we can now address their compliance needs with a value for money proposition”.

John Nealon managing Director of Data Protection training and Auditing Services stated that, “the benefits of using our “One-Stop-Shop” Regulatory Compliance Service includes access to a team of subject matter specialists, which ensures your company is up to date with Data Protection, HR and Health & Safety legislation.  This expertise ensures that business owners have peace of mind.

Our service will also deliver practical benefits to companies including gains in efficiency and quality; flexibility to scale; single point of contact; reduced burden on internal infrastructure and resources and effective cost reduction.”

At a recent function, the partnership was welcomed by Minister for Business, Enterprise, and Innovation, Heather Humphreys, TD.  The Minister wished the two companies every success into the future and detailed that “data protection and human resource compliance work hand in hand, and are hugely important for organisations.  I believe this partnership will deliver a quality service to their clients in the areas of Data Protection; HR and Health & Safety compliance.”

For further information contact John Nealon or Fionnualla McKenna on 042 9749515 or email info@dataprotectionservice.ie

John Nealon, Certified Data Protection Officer, will be holding another one of his very successful Training Courses on how the GDPR and e-Privacy Directive together impacts of various Direct Marketing initiatives.

The session is focused, practical in its content and covers topics such as: 

• The key aspects of the GDPR and E-Privacy regulation impacting on Direct Marketing
• Implications of using Consent and Legitimate basis for direct marketing
• Current fines being imposed by DPC on Direct Marketing infringements
• Business to business marketing
• The “Can Do’s” and “Cannot Do’s” for:
  • Email Direct Marketing
  • Postal direct marketing
  • Telesales
  • Faxes and SMS (texts)

Date: Thursday 20^th June 2019
Time: 10am to 1pm
Location: Castleblayney
Cost: €290 for first attendee, €190 per person thereafter.
(10% Early Bird discount on all bookings made by 12^th June)

To book your place, simply email Info@dataprotectionservice.ie or phone 042 9749515.

A TRAINING COURSE NOT TO BE MISSED!

If Appropriate please pass on to Your Marketing Department
Early booking is advised as places are strictly limited.  Bookings are only secured with full payment.  Full payment must be made prior to course commencing. Course run subject to demand.