The world of IT is fast-paced and anyone could be forgiven for feeling permanently behind the curve. Having a greater understanding of what’s involved and being able to ensure greater protection has been a priority for Soundswell this year.
It’s one thing (although very reassuring) to have reliable, user-friendly people working hard to ensure that hardware and software are robust, well-protected and up-to-date. However, that is by no means the end of the story….
The threat of potential hacking or having sensitive data compromised in any way is a very real one. You will have friends and colleagues who have been the victim of scams or had their personal data misused – it may have happened to you.
Horror stories are regular features in the media. It’s not difficult to see how a poorly-protected laptop left on a train or the back seat of a car could have catastrophic results – which, in extreme circumstances, could endanger lives. At the very least there can be financial and reputational repercussions.
Speech and language therapists (as providers of healthcare services) collect, hold and share what is commonly known as PID (patient identifiable data). Working in educational settings rather than in a hospital or a clinic is no different. We still collect, store and share personal information.
What is cyber security?
Cyber security is how individuals and organisations reduce the risk of cyber attack. Cyber security’s core function is to protect the devices we all use (smartphones, laptops, tablets and computers), and the services we access – both online and at work – from theft or damage.
It’s also about preventing unauthorised access to the vast amounts of personal information we store on our devices and online.
Why is it important?
Because smartphones, computers and the internet are now such a fundamental part of modern life, that it’s difficult to imagine how we’d function without them. From online banking and shopping, to email and social media, it’s more important than ever to take steps that can prevent cyber criminals getting hold of our accounts, data, and devices. https://www.ncsc.gov.uk/section/about-ncsc/what-is-cyber-security
Access to advice and support from a cyber security expert is a good place to start.
We started with two online consultations/training sessions with a cyber security expert.
This lead us to complete the process of passing our cyber essentials qualification. This process answered most of the questions in box 2. It also started us on the road to addressing the need in boxes 3 & 4.
Cyber essentials
A certification process which helps you to guard against the most common cyber threats and demonstrate your commitment to cyber security.
We then commissioned a bespoke session for our team – and despite the fear that this would be, at most, impenetrable and at least, pretty boring, it was a really good day with lots of opportunity to ask ‘silly’ questions and begin to pull together the ‘must dos’ which will shape our operations going forward. This has set us on the road to being able to ensure that everyone in the team knows what to do and how to do it. We can then follow this up with random audits to check how robust our processes are.
We are immensely proud of having got this far but we know we are still only very early on our journey.
What will we be doing next?
- Completing and sharing our Information Security policy
- Sharing information more securely and effectively by changing our cloud storage arrangements so that every one of our schools and settings will have access to a folder where they can both deposit and retrieve information safely.
- Working our way through cyber essentials plus….