The challenges of actively managing information security are growing, and every business, regardless of size, should pro-actively protect their systems and the data held within. But how do customers know that your information security practices are fit for purpose?

Even the best intentions do not guarantee sound security practices for businesses. The only way for customers to judge the internal processes of your business is by checking for accreditation such as ISO 27001. In fact, 71% of respondents to a 2016 survey by IT Governance Ltd said that they had fielded a question about ISO 27001 accreditation.

Web content filtering is typically supplied as part of broader cybersecurity measures, with most internet security appliances offering the option to enable filtering, and many default configurations enabling it from the outset. Yet as with many topics in information security IT personnel should never assume that content filtering features are active or optimised. In this article, we outline key reasons why content filtering is still so important, and briefly describe how to enable content filtering for your organisation.

There is one area on which everyone concentrates when it comes to getting the most out of an IT budget: squeezing the supplier. Though getting commodity items at the best prices and achieving the most value out of the services and IT support costs you pay for is important, there are many other areas where careful consideration can result in far more optimal IT spending.

Deloitte’s 2016-2017 CIO survey found that, on average across all industries, expenditure on IT packages, staff, and services accounts for 3.28% of a company’s turnover, with businesses in professional services industries commonly managing annual IT budgets of 6% of overall turnover. The importance of optimal spending is clearly very high. Here we outline a few of the top areas we think your business should focus on.

Technology expenditure is usually taken on in a reluctant manner: few businesses rush forward with adopting the latest technologies, instead deferring IT expenditure for as long as they can. Whether it is updating on-premise servers, migrating to the cloud or overhauling a creaking website – management teams tend to delay spending the funds for as long as possible. But is this wise? Are there hidden costs to squeezing the last bit of usage out of outdated technology?

You walk into your office tomorrow. Before you can get a cup of coffee, one of your managers tells you that your IT service contract is going to expire in two months.

You've been frustrated with poor service and technology for months. Now, you have an opportunity to improve the situation. Your IT manager stands at the ready with a few recommended IT service providers. Are you equipped to sort through the options and call them?

Before you sign on the dotted line to renew your IT service contract, go through these questions. Investing an hour today could save you months of effort, risk and frustration.

Acceptable practice or unacceptable risk?

Shadow IT is the practice of using technology within a business without the knowledge or approval of the IT function.

This includes anything from a single employee using a low-cost app, to an entire department, such as Project Management, adopting a cloud software application to support its Line of Business (LoB).

Is IT security in your firm where it needs to be?

IT security is near the top of the agenda for every executive management team. Although IT is not something executive managers are likely to get hands-on with and is best left to qualified practitioners, there are simple spot-checks that executive leaders can make to see if basic security is being implemented.

An ideal time to catch up and set out a review

Many firms experience a pre-Christmas rush of finishing off work and projects in early and mid-December. For items in the workflow that are on-going, there is often a sense of ‘parking’ them over the Christmas - New Year transition period until the return to work in January. Many businesses are likely to have reduced workload and staffing numbers.

Insider threats: An unsavoury but unavoidable truth

When it comes to productivity and information security, insider threats are perhaps some of the most unsavoury considerations for a firm. Any business owner or senior executive would prefer to think they can implicitly trust the people that they pay but, unfortunately, it simply isn’t possible to ignore the risk of employee misbehaviour.

User Activity Monitoring (UAM) is a process that is enabled by productivity monitoring software, PMS. These applications are designed to track and record every action performed by a user. The software outputs a log file in plain English (rather than technobabble) and a video file that enables the firm to view each user’s onscreen actions.

Fast growth: A nice problem

Whatever the core business activity of a firm, fast growth is a nice problem to have. Although the doomsayers warn of the problems of rapid uncontrolled growth, such as resourcing gaps and overstretching with too many commitments, these are challenges that should be well within the capability of a company governed with good management practice.