Cyber Security e-Learning Cloud-Based Managed Service

Specifically designed for the SME sector, we provide a Managed Cyber Security e-learning cloud-based platform that educates and evaluates staff on cyber awareness, which includes running phishing simulation attacks. The key benefits of our service is that we help:

Ensure your staff continually achieve High Levels of Security Awareness

  • A new 15 minutes Security and Compliance Course every Month
  • Certificates upon completion
  • Users own portal login

Reduce the risk of malicious email

  • Ensuring that spurious emails that slip through your existing IT screening infrastructure are not clicked on or accessed by staff
  • Implement the Phishing simulation campaign (with quarterly business Reports)
  • 3 minute “Golden Nugget” training (at time of error for users to learn – there and then!)

Save YOU time and money by managing the entire process

  • All within a GDPR compliant Processors Agreement
  • Generated reports to monitor compliance
  • The simulated Email and SMS phishing platform was the first company to achieve GCHQ accredited security awareness training by the Chartered Institute of Information Security

We deliver the only behaviour-driven security awareness platform that delivers ‘Real Time’ training to staff!

Our pricing packages are clear, based on a per email/user per month basis, charged monthly and will provide you with peace of mind.

We are giving a 10% “Early Bird” Discount on all prices until the 30th November 2020

Some Data Protection Considerations for Remote Working regarding Covid-19

Introduction

Luke Irwin[1] wrote and interesting article in 2017, with the central point being “whenever an organisation creates a new way of accessing its data, it puts that data at greater risk. Remote working intensifies that risk as it can be hard for the employee and the organisation to know when the data is breached, and it will be even harder to identify how it happened.” So, in a nutshell remote access increases the risk of Data Loss.

To mitigate this risk we would advise clients to ensure the following matters are in place prior to rolling out remote access. Please note this advice regards the use of Laptops/desktops in the home, and does not give any guidance on the use of mobile smart phones and tablets and the advice below is not exhaustive. And as always when it come to IT talk to an IT expert.

Areas for consideration

  1. Device and Network Security

Laptops and desktops should be:

  • Provided by your chosen IT provider
  • Have hard drive encryption in place and active
  • Login details should include a strong password
  • Require that employees use a non-stored password to connect during each session, especially for VPN access.
  • Devices should have up to date software, anti-virus and malware installed
  • Don’t allow family members to use your work devices. Under no circumstance should laptops or desktops used for remote working be used by the wider household – no matter how many time the kids ask!!

Always use a secure network connection and secure VPN when working from home – Your IT service provider should be able to advise

Never use public wifi or unsecure network

  1. Email and software

Areas that may be considered in relation to email and software include:

  • Logging on and using email should be arranged by your service provider. Two factor authentication needs to be in place. Previous guidelines regarding passwording attachments and deleting old emails should be adhered to.
  • Enforce reasonable session time-outs for sensitive programs or applications.
  • Limit program/file access to only the areas absolutely needed by that employee.
  • Reserve the right to terminate employee access at any moment.
  • Provide the software and storage services for remote file storage and other tasks; don’t rely on individuals to use their personal programs and accounts. [2]
  1. Information Management

Some considerations under this heading include:

  • Clear guidelines around what information should never leave a secure environment, ie printing off of financial information
  • Get your service provider to establish access permissions that support these guidelines.
  • Save material to where the organisation advises ie Onedrive, A secure Dropbox etc.
  • DO NOT USE USBs
  • Have Clear backup procedures for material saved locally. (I am assuming that adequate backups and restore is sorted for the organisations data/systems)
  1. Clean desk policy

When working from home, staff will have information that pertains to your organisation around people that are not company employees. There are obvious challenges to this with regard to Remote workers but ensuring that information is kept secure is of high importance. Some simple (low tech) measures may include:

  • Try an have a space or office away from the kitchen table
  • Do not work or access your organisations data while there is someone else in the room – remember the confidentiality of the Personal Data
  • No written material should be left unattended – even for a cup of tea!
  • Logout if you are leaving the laptop or desktop unattended – seemingly cats have a habit of jumping on computer keyboards and might press a few keys when a laptop is unattended![1]
  • Adhere to a clean desk policy.
  • Use locked drawers
  • Have paper securely shredded
  1. Policy Awareness

Your organization must have clear and practical policies that stress the importance of data protection. One such policy should address the need always to use a secure network connection when working from home. Every worker should have easy access to a written security policy that explains the responsibilities of employees and clearly states what they are and are not allowed to do regarding data—and all workers should verify that they have read and understood the policy. Staff members using remote access should be reminded that all organisational policies apply, such as:

  • Data Protection
  • IT security
  • Clean desk
  • Access to data
  • Passwording of emails

Finally, a way to achieve data protection compliance for those working remotely, is for organisation to adequately and consistently express the importance of data security.

For those considering Remote Working,

we are also offering a Residential Shredding to reduce risk of Data Breach – Contact 042 9749515 or email: info@m1shred.com

[1] https://www.itgovernance.eu/blog/en/gdpr-the-implications-of-working-from-home-or-on-the-road

[2] https://www.businessnewsdaily.com/9372-secure-home-office.html

[3] https://minutehack.com/guides/10-security-tips-for-remote-and-mobile-working

New Partnership deal to provide companies with a “One-Stop-Compliance-Shop”

PRESS RELEASE

A specialist Data Protection consultancy company and a local Human Resource (HR) management firm, have teamed up to provide a unique service offering to Companies and Organisations a “One-Stop-Compliance-Shop”.  Data Protection Training & Auditing Services and Hands-On HR will help companies be compliant with current legislation in the areas of:  Data Protection and the GDPR; Human Resources and Health & Safety.

“We are very excited with this partnership” said Eugene Grant, Principal Consultant of Hands-On HR.  “It’s clear that small to medium sized organisations are looking for an affordable compliance partner to ensure there are on the right side of any legislative or regulatory in terms of their client and staff data and legal obligations.  Through this partnership, we can now address their compliance needs with a value for money proposition”.

John Nealon managing Director of Data Protection training and Auditing Services stated that, “the benefits of using our “One-Stop-Shop” Regulatory Compliance Service includes access to a team of subject matter specialists, which ensures your company is up to date with Data Protection, HR and Health & Safety legislation.  This expertise ensures that business owners have peace of mind.

Our service will also deliver practical benefits to companies including gains in efficiency and quality; flexibility to scale; single point of contact; reduced burden on internal infrastructure and resources and effective cost reduction.”

At a recent function, the partnership was welcomed by Minister for Business, Enterprise, and Innovation, Heather Humphreys, TD.  The Minister wished the two companies every success into the future and detailed that “data protection and human resource compliance work hand in hand, and are hugely important for organisations.  I believe this partnership will deliver a quality service to their clients in the areas of Data Protection; HR and Health & Safety compliance.”

For further information contact John Nealon or Fionnualla McKenna on 042 9749515 or email info@dataprotectionservice.ie

Schedule of Training: June 2019 to December 2019

Title of trainingDateDurationCertificates / CPDCost (First/additional attendees)Book Here
The business case and road map to implementing ISO 27001To Be confirmed4 hoursCertificate of attendanceTo Be confirmedRegister your interest here
Preparing a Request for Tender of an IT/Cyber security projectTo Be confirmed4 hoursCertificate of attendanceTo Be confirmedRegister your interest here
Data Protection Training for Front line staff22nd April 20203.5 hoursCPD hours: Institute of Bankers; ILCU and LIA
Certificate of attendance
€120/€90Register your interest here
  • Training takes place in our Castleblayney training centre unless otherwise stated.
  • Course start at 9.30am unless otherwise stated.
  • (10% Early Bird discount on all bookings made two weeks before training session)
  • To book your place, simply email Info@dataprotectionservice.ie or phone 042 9749515
  • Early booking is advised as places are strictly limited. Bookings are only secured with full payment. Full payment must be made prior to course commencing. Course run subject to demand.

TRAINING COURSES NOT TO BE MISSED!
If appropriate please pass on to Your Marketing Department

 

What our Customers are saying

“John is extremely knowledgeable and always willing to go that step further to ensure his information is accurate”

“As always, a good course organised and run by John, with good discussion points”

“Learned a lot and all questions answered well. My company has got excellent clarity on what we can/cannot do regarding direct marketing now. Thanks very much”

“GDPR in simplified terms”

“Very interesting course and I learned a lot”

TRAINING – Direct Marketing and GDPR – The Can Do’s and Cannot Do’s

John Nealon, Certified Data Protection Officer, will be holding another one of his very successful Training Courses on how the GDPR and e-Privacy Directive together impacts of various Direct Marketing initiatives.

The session is focused, practical in its content and covers topics such as: 

  • The key aspects of the GDPR and E-Privacy regulation impacting on Direct Marketing
  • Implications of using Consent and Legitimate basis for direct marketing
  • Current fines being imposed by DPC on Direct Marketing infringements
  • Business to business marketing
  • The “Can Do’s” and “Cannot Do’s” for:
    • Email Direct Marketing
    • Postal direct marketing
    • Telesales
    • Faxes and SMS (texts)

Date: Thursday 20th June 2019
Time: 10am to 1pm
Location: Castleblayney
Cost: €290 for first attendee, €190 per person thereafter.
(10% Early Bird discount on all bookings made by 12th June)

To book your place, simply email Info@dataprotectionservice.ie or phone 042 9749515.

A TRAINING COURSE NOT TO BE MISSED!

If Appropriate please pass on to Your Marketing Department
Early booking is advised as places are strictly limited.  Bookings are only secured with full payment.  Full payment must be made prior to course commencing. Course run subject to demand.