the text below is an ad by and from bsigroup.com
Information security is a highly topical issue right now because in principle all information we handle takes place through the cyber world, either via e-mail, information storage or information that is printed on paper but stored electronically. At the same time as homework has skyrocketed in 2020, security threats have also become more numerous and more serious. What can you do to make sure your information is secure? Read more here about different standards companies can use, for example ISO 27001, and what you as a private person can do.
What does your information security culture look like?
Every year, MSB, the Swedish Agency for Civil Protection and Emergency Planning, arranges an information security month which in 2020 dealt with information and cyber security issues.
This is to increase awareness of what you can do yourself to avoid phishing and malicious codes. They urge companies to create an information security culture so that employees report directly if they have encountered something suspicious. It is also important to have updated and modern IT systems.
For information security management in larger companies that handle sensitive data, it is incredibly important to have systems built for the purpose. MSB itself recommends the ISO series, which is a collection of standardized management systems that companies can implement for data management in a secure way. With a functioning management system, personal registers and commercially sensitive information are protected in a professional manner. Here, as a company, you can, for example, use ISO 27001.
It is important that management systems for information security or ISMS (Information Security Management System) is kept up to date by the company that has implemented it. Companies that work with sensitive information about, for example, customers, then know that the handling of the information takes place in a secure and efficient manner. A concrete example that affected most companies was when the GDPR Act came into force, which meant that customer data would be processed in a new way. With an integrated management system, your company can get help with this.
Clear guidelines and processes in the company are also important for handling data in the right way. The information must be processed in a structured manner, both to secure and protect data but also so that the right person can obtain relevant information at the right time. Routines are basically a must, and that is exactly what a management system provides.
Security for private individuals
The risk of phishing is becoming more common among private individuals. This means, for example, that you receive e-mails requesting the provision of sensitive and personal information, such as bank or card details. The attacker pretends to be a bank or similar. Therefore, as a private person, it is very important to never give out personal passwords, bank details or other codes on insecure websites and platforms.
Links via email or attachments are also well-known methods of spreading viruses on your computer. If you are unsure, you should refrain from opening or clicking on attached files and links. If you are always on your guard and use common sense and antivirus systems, you will go a long way when it comes to information security for private individuals.