Thursday, 8 December 2016
ICO Offers Holiday Security Tips to Government Agencies
It's not often that a blog post issued by a government agency is a combination of useful information and holiday festiveness. But, thanks to the Information Commissioners Office (ICO) and enforcement team manager Laura Middleton, government IT workers have a reason to smile during the hectic holiday season. Middleton's recent blog post offering IT security tips to government agencies is enough to put a smile on your face and remind you of the necessity for extra security at this time of year.
As Middleton so eloquently explains, time constraints and holiday activities often lead to workers cutting corners where security is concerned. Matters are made worse by the fact that IT departments tend to work on skeleton staffs during the festive season. The same is true in the private sector. Data centres and IT departments experience larger-than-normal volumes of people taking time off.
As a public service to all readers, we would like to take the opportunity to present some of Middleton's tips to government agencies, modified to be appropriate to the private sector too. Enjoy!
Keep Staff in the Loop
Middleton's suggestion of keeping staff in the loop is directly related to Freedom of Information Act (FOIA) requests. In the private sector, the same principle applies. Staff who will be required to pick up the slack during the holiday season need to be fully trained and prepared to do so. They all need to be kept up-to-date on any information that will affect how they do their jobs.
Alternate E-Mail Addresses and Responders
In cases where key staff members still need to be reachable while taking time off, consider providing alternate e-mail addresses. Those e-mail addresses can be set up on a temporary basis, then shut down once the affected staff members return to work. Along those same lines, automated responders should be established for all e-mail addresses that will not be monitored during the holiday period. People who try to contact and organisation need to know that their e-mail was received.
Adjust Security Procedures
Shutting down for the festive season means IT staff are lean and offices are empty. Workers required to work even as most of their colleagues are off may choose to work from home rather than coming into an empty building, so they may also need to be reminded of security procedures. If necessary, security may have to be adjusted to account for different ways of working at this time of year.
Have a Contingency Plan in Place
Data centres and IT departments should absolutely have a contingency plan in place just in case an IT emergency arises. There is no room for complacency, even during the festive season. Not having contingency plans in place is asking for real trouble.
Christmas is almost upon us, but that does not change the need for information and data access. You can make your festivities more enjoyable by making sure your networks and data systems keep running securely and uninterrupted.