Font Size

ICO launches IT security guide for small businesses


The Information Commissioner’s Office

Computer/Internet/Software Articles
Submit Articles   Back to Articles

News release 18 June 2012

The Information Commissioner’s Office (ICO) has today published a new guide for small and medium sized businesses, showing a series of clear, practical steps they can take to help make their IT systems safe and secure.

The guide, which covers topics such as physical security, anti-virus defences and employee awareness, can help small businesses keep personal data secure, and avoid a serious data breach that could see the ICO impose a monetary penalty of up to £500,000.

Information Commissioner, Christopher Graham, said:

“Since November 2010 the Information Commissioner’s Office has had to serve civil monetary penalties totalling over £1.5 million on organisations that failed to take the necessary measures to keep peoples’ information secure.

“While we recognise that the biggest companies and organisations will have many of these strategies already in place and have spent a great deal of money on securing their IT systems, smaller enterprises often tell us that they would benefit from simple and clear advice specifically designed for them.

“This guide aims to support these companies by providing a starting point and recommendations that cost little to adopt, but can significantly reduce the risks of a serious data loss and the reputational and financial damage that can result.”

The guide includes a checklist, as well as more detailed advice on:

  • - securing data on the move;
  • - keeping you and your systems up to date;
  • - keeping an eye out for problems;
  • - knowing what you should be doing; and
  • - minimising the data you keep.

Mr Graham continued:

“Following this guidance is not just about minimising risk. Businesses that prioritise the safety of their customers’ personal data will have a real competitive advantage.”

Mike Cherry, Policy Chairman, Federation of Small Businesses, said:

“It’s important that the ICO have published this guidance specifically for small businesses. Good IT and data security should be part and parcel of good business practice and businesses should think about the simple steps that they can put in place to achieve this. The guidance should help businesses do this.”

The ICO’s IT security guidance is available on the ICO website at:

A copy of the guidance is also available to order at:

If you need more information, please contact the ICO press office on 0303 123 9070 or visit the website at:


1. The Information Commissioner’s Office upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

2. The ICO has specific responsibilities set out in the Data Protection Act 1998, the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.

3. Anyone who processes personal information must comply with eight principles of the Data Protection Act, which make sure that personal information is:

• Fairly and lawfully processed

• Processed for limited purposes

• Adequate, relevant and not excessive

• Accurate and up to date

• Not kept for longer than is necessary

• Processed in line with your rights

• Secure

• Not transferred to other countries without adequate protection

About the Author

The Information Commissioner’s Office is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. We do this by promoting good practice, ruling on complaints, providing information to individuals and organisations and taking appropriate action when the law is broken.

The ICO enforces and oversees the following legislation:

  •  Data Protection Act 1998
  •  Freedom of Information Act 2000
  •  Privacy and Electronic Communications Regulations 2003
  •  Environmental Information Regulations 2004

Follow us @Scopulus_News

Article Published/Sorted/Amended on Scopulus 2012-06-18 14:00:14 in Computer Articles

All Articles

Copyright © 2004-2021 Scopulus Limited. All rights reserved.