By Claire West

Speaking this week at a seminar at the Institute of Directors in London, COLT urged small and medium enterprises to take a more comprehensive approach to securing their critical business information.

“A surprising number of smaller organisations still believe that security is fundamentally about anti virus software,” said Andy Horn, director of the UK SME Division at COLT. “In reality, if you only focus on specific IT security elements, you are likely to leave yourself exposed — it’s like locking the door but leaving the window open. Instead, businesses need to examine the value of information to them and then build a security plan that takes a complete view of information security, covering both IT and non-IT aspects.”

Horn continued, “No business has an unlimited security or IT budget. There are several things a business can do that are inexpensive but will make a real difference, such as developing and implementing a security policy and rolling it out to employees. It is also easy to get caught up in day-to-day security tasks, such as updating your anti-virus or anti-spam software, and this takes time. For this reason, we advocate out-tasking certain aspects, such as email security or disaster recovery, so that businesses can focus on the overall policy and management in-house.”