Outsourcing your IT security to trained professionals makes sense.
Your accounts are prepared by a trained accountant, your legal matters are handled by a trained lawyer. The same should be true of your IT security. The good news for your balance sheet, is that it is not necessarily a full time job and generally nor does it necessarily require a full time salary.
So why do so many organisations trust their IT security to the local computer shop, employ someone with little or no IT security experience, or worse, think that it is not relevant or important and they can do it themselves?
The answer is usually a simple one. IT security is not a central part of most small core businesses.
With the introduction of the new EU GDPR (General Data Protection Regulations) however, you as a company director, or an organisational officer, are personally responsible for the proper protection and processing of all electronically held data. It is therefore imperative that you take the security of your data seriously.
It is all about due diligence, and ensuring that in the event of a breach, you have the technical ability to demonstrate that you have taken sufficient and reasonable steps, to protect the personal information you hold.
This is equally applicable whether you are a micro business, a small to medium sized enterprise, or a multi-national.
For a brief explanation of the new rules and regulations, and your responsibilities, please see the Data Protection sections.
Highly skilled IT security consultants are few and far between, especially the good ones.
Our consultants have been specialists in the IT security industry for a minimum of ten years. They come from a diverse range of backgrounds including secure systems design, hacking and penetration testing, encryption specialists, remote access services and forensics and fraud investigation.
Because we operate as independent consultants, we bring with us a wealth of experience from a wide range of organisations and industries ranging from Central Government institutions and large multinational companies, to smaller organisations such as charities and travel companies.
As an Esix customer, you will be allocated a dedicated technical consultant who will manage your account. However, our consultants have access to our entire technical team of both permanent and contract staff, so that they can bring in any additional resources they need to get the job done.
We can provide a tailored and customized environment to host both your internal and externally available services such as email and web services, internal databases and accounting, and cloud storage.
Each service we provide is designed and built specifically for each customer, and is housed in our secure FSA approved data centre in Wellingborough, approximately sixty miles outside London.
We also provide a prebuilt environment for smaller organisations and single owner operators, which provides secure email, web services, and remote file storage.
These services are protected by two layers of firewalls, monitored and maintained by trained professionals to ensure that highest level of service, and conformant with the new GDPR.
To conform with the latest European Data Protection Regulations, most organisations should appoint a Data Protection Officer.
This Data Protection Office (DPO) should be a trained IT security professional, who has the technical skill and ability to assess the current IT situation, and to ensure that all areas your business that are covered by the GDPR, are compliant.
As outlined above, experienced IT security professionals are expensive to employ, and the good ones are few and far between.
This function is therefore better provided to micro companies and smaller organisations, by a trusted and independent third party. This way, your board can ensure impartiality, have confidence that relevant areas are covered by technically competent professionals, and minimize the cost by not increasing headcount.