IT Security

Page updated: 19/11/2024

Imagine a world, defined by technology and driven by our demand, where nearly every individual is connected from anywhere in the world.

Imagine a business based on this demand, working from offices without boundaries, needing access to the information available to support their business at any time. That time is now, and whilst we need to make use of technology to improve the way we do business, we also need to ensure proper governance of the information we process.

IT Security is needed to help protect data and IT Systems, safeguarding the information they hold. With the onset of the internet and mobile working, systems are distributed and accessible from multiple locations. IT Systems are being designed with an emphasis placed on ‘Ease of Use’, which is seen as a benefit by most people, however from a security perspective, systems can become insecure as  the demand for ease of use and accessibility increases.

The aim of information security is to create an appropriate balance between both.

Top Tips

Never leave your devices unattended

If you need to leave your computer, phone, or tablet for any length of time, no matter how short, lock it up so no one can use it while you’re gone. If you keep sensitive information on a flash drive or external hard drive, make sure to lock it up as well.

Emailing sensitive or confidential information!

If we need to send any information by email which is special category (sensitive) personal data or is otherwise likely to cause damage or distress if it was accessed by someone that shouldn’t see it, then we have to make sure the information is protected. Sending information like this by standard email is not safe as it can be easily intercepted as it makes its way over the internet to the recipient.

To help staff protect the Council’s personal data, we have set up a secure system covering email sent to the organisations listed here. Anything you send these organisations will be encrypted automatically.

For emailing any recipient not listed, we can provide an alternative way of sending email securely.  For more information, please contact the IT Service Desk.

Beware of phishing emails

Phishing emails are sent to try and “fish” for personal information such as bank details or login information to websites. We have an email filtering gateway which does stop most of these, however some may still get through.

The email can masquerade as originating from a legitimate company asking you to validate some type of information. Never click on links within these emails. If you are unsure, contact the company directly over the phone to ask if they have sent out any correspondence to you. You can also manage your own email filtering adding to your allowed and block senders list.

When offline, be wary of social engineering, where someone attempts to gain information from you through manipulation. If someone calls asking for sensitive information, it’s okay to say no. You can always call the company back on their advertised contact number to confirm it is them! No one should ever ask you to confirm a password over the phone!