Government backup recommendations

Sharing insights from both our Cyber Security Audits and IT System Audits.

cybersecurity, backup recommendations

As we are working with local businesses to enhance their cyber security, we’re excited to share some insights with you. We conduct between 12 and 24 audits annually, a practice we've upheld for over two decades. Both IT System Audits and Cyber Security Audits which include things like penetration testing and simulated phishing attacks.

What this has been great for, other than helping our customers understand their system or support problems and risks they might face, such as Cyber Security or the Backup System not being capable of what they expected, is that we get a very honest and transparent view of how other IT support companies perform their IT support or managed services. Some of these scenarios are complete outsourcing, and some are higher-level support that sits next to the in-house, employed IT manager or team.

Some of the most common issues we see are:

  1. Many businesses do not know that the latest government recommendations are available to them, and it actually makes sense. The National Cyber Security Centre (Government Security Department) is actually great at giving advice regarding the latest threats.
  2. Backup and disaster recovery are in place, or so the business owner or manager responsible for IT (often in a finance or operations role) thinks. However, often, this system doesn’t really cover all the circumstances that the business would expect. It was set up by IT but never reviewed or agreed upon by the management team. It’s actually a wider business decision.
  3. Structured maintenance is not being performed and reported back to the management team. Every manager responsible for IT should know 100% that critical things are being checked and reported on. Firewalls, Backup, System Patching, User Onboarding/Offboarding, etc.
  4. There are no regular monthly or quarterly service review meetings to review IT support, cyber security status, and our customer management team objectives and goals (so we understand how to best support you).
  5. Every business should have a security framework or plan in place. Often, the internal IT team or IT support business doesn't have experience in cyber security. That is why most security-conscious organisations use a security partner. We’re not saying everyone needs ISO 27001, but there needs to be some kind of structure and best practice. As an example, Breathe uses a Cyber security risk assessment that we compiled with the help of the NCSC and a Security Framework based on SANS Institute best practices.
  6. Many businesses have never had their IT audited.

You can get a free copy of the latest Government Backup Recommendations below, with some input from our MD. It’s definitely worth a look to see if your backup in general is fit for purpose and if you have in place what you need to cater for a cyber breach or attack.

Click on the link below to download your free copy of the latest Government Backup Recommendations.
https://breathetechnology.com/wp-content/uploads/2024/03/Government-backup-recommendations_Business.pdf

It won’t cost you anything and may actually be of help!

Should you need any assistance, call us at 01223 209920 or email lucy@breathetechnology.com



Looking for something specific?