October is Cyber Security  Awareness Month, and while we don't think that cyber awareness is something to cover just once in the year, we think it's a good opportunity to publish some information that can be used all year round.
Awareness Day Three: Data Security

"Wherever there is technology there needs to be cybersecurity"

Implementing cybersecurity best practices is important for organisations of all sizes to protect personal, financial and sensitive information.

Awareness Day Three:
Data Security is about protecting data from unauthorised access, disclosure, alteration or destruction.  

Strategies for data security:

1. Encryption: NCSC Protection data at rest and in transit
2. Access Control: NCSC Identity and Access Management
3. Regular Updates and Patching: The importance of software updates (PaperCut vulnerability and Rhysida ransomware), Be Cyber Aware: Why regular software updates are important
4. Employee Training: Data Protection and Cyber Security (Inset Day) Training Ideas
5. Security Policies: NCSC Use policies to authorise requests
6. Backup and recovery: NCSC Small Business: Response and Recovery
7. Security Audits: NCSC Continuously test your security
8. Incident Response Plan:  document What to do immediately after a Cyber Attack (58 KB)
9. Physical Security:  document DPE Model Physical Security Policy (179 KB) , Keeping your IT systems safe and secure,