Why your business needs cyber insurance

Data is the lifeblood of the modern business – even those not involved in technology or services industries. In fact, information is your most valuable asset.

Realising this fact, UK businesses are getting better at backing their information up – but there’s still a lot more that needs to be done.

Insuring your data

With your security and backup provisions in place, the last step is to protect your business against the wider repercussions of data loss. Which is where cyber risk insurance comes into play.

Cyber risk insurance offers a financial fall-back in the event of your systems failing – or someone breaking in and stealing your data. If you experience a breach or data loss event, you can make a claim against your policy. 

Which means you will have some funds available to begin the process of restoring normal business operations, recreating data, or paying fines for breaches that expose personal data.

Should you insure your data?

Your physical assets – PCs, cars, buildings – are all insured, so why not your data? You can always buy new physical assets (at significant cost), but data is much, much harder to replace.

Losing data is more than “just” a financial inconvenience, however. Losing personal data belonging to customers or your employees is illegal, and could land your management team in serious trouble. Once the new GDPR regulations come into force (May 2018), your business could be facing fines of up to €20,000,000 or 4% of annual worldwide turnover, whichever is greater.

Insurance is a scam – we can manage without it

In an effort to keep operating costs low, business owners are constantly looking for ways to make savings. So if you don’t need extra insurance, why would you pay for it?

Around 60% of smaller businesses experience a cyber breach each year – which means that you have a 3 in 5 chance of being a victim this year. Obviously, this should spur you on to improve your security provisions – but it should also serve to underscore the importance of insuring yourself against such events.

The reality is that in the case of data breaches, the question is not if, but when. Blind hope will not protect your business from losing data.

In the age of data-driven business, cyber risk insurance is just as important as public liability coverage.

Think you’re already covered? Think again

Apparently more than half (52%) of CEOs believe they already have some form of cyber insurance in place. The same government statistics found that in reality, less than 10% are properly covered.

Which means you must confirm your insurance coverage against cyber breaches as soon as possible – or face having to find sufficient funds to pay for reparations and remedial work from your reserves. 

The average cost of each breach has been estimated at £3,480 (more for larger firms) - can you really afford to take that kind of hit?

To learn more about cyber risk insurance and what it means for your business, please get in touch.

Ofcom makes it easier for SMBs to exit under-performing broadband contracts

New rule changes mean that your business can move broadband provider quickly and without charge

For many years broadband providers have been able to advertise services offering download speeds of up to 200MBps. But once installed, many small business owners have found the actual maximum achievable speed is much slower.

Fear of being fined by the Advertising Standards Agency forced many providers to be a little more specific about their services. Most now provide customers with a range of speeds within which they expect the final connection to fall. These “more accurate” values are typically only supplied as the buyer completes the sign-up process.

Frustratingly though, even this range of speeds is just an estimate. There is no guarantee that your business will actually achieve guideline download speeds. Ever.

Have you ever tried cancelling business broadband?

Once you have signed up to a contract, cancelling business broadband is all but impossible. For starters, none of the service reps you speak to will be able to help because their support scripts do not cover your situation.

And when you do manage to speak to the disconnections department, they will quickly remind you about the contract you signed, and the amount of time remaining before it expires. They will also happily point out that all speeds quoted are simply estimates, and that your very slow broadband speeds are beyond their control.

All of which means that if you want to terminate the contract, you’ll have to pay a hefty disconnection fee.

Switching business broadband providers is about to get a lot easier

This inability to switch business broadband providers leaves British SMEs at a significant disadvantage, both to their larger competitors, who can absorb the cost of cancelling contracts, and to foreign firms equipped with faster connectivity. Realising that bad broadband has a wider effect on the UK economy, telecoms regulator Ofcom has stepped in with a new program to assist.

From 2016, cancelling business broadband that fails to perform will be free. Where a business can demonstrate that their broadband connection continually performs below the minimum expected speed, they will be able to break their contract without fear of hefty cancellation charges. 

ISPs signed up to the program will also be required to provide maximum and minimum speed estimates before the sales process begins. In this way, SMEs should be able to compare services more effectively before being locked into a contract.

Time to get serious about cancelling your business broadband

Whatever your situation, it’s time to talk to Kimbley IT. We can supply your business with a super-fast, super reliable fibre Internet connection that allows you to compete on the world stage. Drop us a line and we’ll help you understand your options – even if you are currently tied into a non-negotiable contract.

GDPR – what is it and why does it matter?

Data protection laws in Europe are changing again. This is what you need to know.

Modern business relies on customer data – the better you know your clients, the better you can serve them. As a result, an awful lot of sensitive information is being held in company data stores.

Naturally customers are quite concerned about how this information is being protected. These concerns have led to a new piece of legislation intended to strengthen protections for consumers – the General Data Protection Regulation (GDPR).

What is GDPR?

Put together by the European Parliament, the GDPR is a regulation intended to standardise data protection for individuals across the European Union. The new regulation updates a previous directive published in 1995 which went on to form the basis of the UK’s own Data Protection Act 1998.

Coming into force in May 2018, the GDPR places some burdens on any organisation that collects and stores personal data.

What do you have to do?

We are currently in the second half of a two-year transition period, during which your business will need to strengthen existing protections. In future, you will need to:

  1. Include data protection measures at the design phase of all business processes, products and services.
  2. Set the default security for any application to “very high”.
  3. Delete customer data from your systems if they ask you to (under certain circumstances).
  4. Provide an electronic copy of individual records for transfer to another service if requested.

There are other obligations for businesses who use sophisticated data processing algorithms for decision making (like insurers) and public authorities.

You must also obtain permission from every individual before storing and processing their data.

It is also important to note that any business holding data on EU citizens is bound by the GDPR. Even if you are based in the USA, Russia or China, you will still need to adhere to the regulation.

What if you break the rules?

In practice, the GDPR is quite similar to the existing Data Protection Act, so many of your existing security and privacy measures can stay in place. In the event of personal data being exposed, there are some possible outcomes:

  1. Where the exposure is accidental, you may be issued a written warning.
  2. Your business may be subject to periodic data protection audits to ensure your provisions are compliant.
  3. A fine, potentially as high as €20,000,000 or 4% of your annual worldwide turnover – whichever is greater.

Which is a very big incentive to take personal data protection seriously.

We’re a B2B business, so this doesn’t apply to us?

Wrong! All personal data is covered by the GDPR – including personnel records and other information you hold on your workers.

But wait, what about Brexit?

With Britain leaving the EU, you might be tempted to assume that we’ll escape the GDPR. However, the UK government has already pledged that GDPR will be implemented even with Brexit.

And if your business deals with customers on the continent, you will need to adhere to GDPR anyway.

One year to go

The good news is that you still have until May 2018 to get your compliance plans in order. With such hefty penalties involved, every organisation (including yours) needs to assess their provisions to make sure they are compliant.

If you need help and advice or would like to know more about how G Suite by Kimbley IT can simplify compliance, please get in touch.


Learn how Kimbley IT helped Global Pump & Seal build an IT platform to support their 5 year growth plan

Based in Bromsgrove, Global Pump & Seal has been supplying and maintaining industrial pumps for more than 35 years. The team also provide a range of supporting services, including consultancy, site visits and surveys.

The Challenge

With a five-year growth plan in place, Global Pump & Seal were concerned that their current IT provisions were insufficient. Worse still, they had experienced technical problems with their email and other systems that brought the company to a halt.

The management team were also unhappy with their current IT support provider, who they felt were too slow to fix problems. With their existing partner taking 2-3 days to resolve issues, the team were offline and unable to work for extended periods of time.

“We had issues where we couldn’t get emails, or couldn’t print,” explains David Smith, Global Pump & Seal’s Managing Director, “so we had to find a solution.”

It was clear that their current provider was unable to provide the service, support, or level of technical knowledge their 5-year plan required.

The Solution

Global Pump and Seal took the decision to partner with a new support provider – Kimbley IT. Global’s management team were convinced that Kimbley IT would deliver a higher quality of service more quickly than they had received previously. 

One of the first tasks was to overhaul the existing IT systems, to prevent outages. Kimbley helped migrate systems and data into the G Suite ecosystem, reducing reliance on ageing hardware in the Global offices. 

G Suite by Kimbley IT uses Google’s own data centres to deliver email and smart collaboration tools that allow Global Pump employees to access business data on any device. As a result, Global’s team have been able to develop new ways of working without being limited by their IT hardware.

The Outcome

Global Pump & Seal now has a future-proof IT system that will scale automatically as their business grows. And with the assistance of Kimbley IT, they now have access to support resources they need to resolve issues quickly.

Over the past six months, Kimbley IT has helped Global save money by significantly reducing downtime
— Dave Smith - MD Global Pump and Seal

Global’s employees are now able to contact Kimbley for support whenever they need it using the Google Hangouts tool. “If we have a problem I can message Kimbley IT, and they solve the problem and sort the problem,” says David.

Over the past six months, Kimbley IT has helped Global save money by significantly reducing downtime. David is unequivocal, simply stating “Our productivity has gone up.”


How to take, share and insert notes with Google Keep

Recently, Google made Google Keep part of the core G Suite service. With this, Google Keep has been integrated into Google Docs, making it easy for you to insert notes into a document from the Tools menu.

With the Chrome extension, you can easily save notes from a website you visit. And sharing your notes with colleagues is simple. Don't forget you can also get Keep on your Android or iOS device so you can take notes on the go or during meetings.

Disaster Recovery – what is it, and why does it matter?

Every few years a frightening statistic pops up claiming that a large number of businesses are under-prepared for a serious system outage – and 80% go bust within six months of experiencing such an event.

This terrifying statistic has been attributed to the White House, FEMA, AXA and Gartner (among many others), but like the best stories on the Internet, this one also appears to be fake – but for one crucial point:

A large number of businesses really are underprepared for a disaster.

What is a disaster recovery plan?

A disaster recovery plan is the only way to prepare your business for a serious, sustained outage. By considering the factors that threaten your operations, and how they may be mitigated, you can protect yourself against the worst.

An effective plan needs to consider threats from three sources:

  1. Threats to your offices, like flooding, fire or terrorist attack.
  2. Technology failure, like broadband outages, server crashes and data loss.
  3. Threats posed by human factors, like hackers or general negligence by your own employees.

You will need to draw up a list of these threats, and how you would respond to them. If the broadband connection goes down for instance, you could fail over to a mobile broadband connection until normal service is restored.

Why does the disaster recovery plan matter?

Although 80% of businesses do not fail after experiencing a serious system outage, 100% do face significant financial fall-out. Having your systems go offline will result in:

  1. Lost productivity.
  2. Data loss that affects future operations.
  3. Reduced capacity to serve customers, affecting their opinion of your brand and potential sales in future.
  4. Increased wage bill as you will still be paying your staff even if they can't work.
  5. Potential fines and legal fall-out if sensitive information is lost, breaching the Data Protection Act.

As you can see, there are significant, ongoing costs to consider. Costs that could push an underprepared business into bankruptcy. 

Mitigating problems in advance

A documented disaster recovery plan is essential to the future health of your business, and you should put one together as soon as possible. You should also seriously consider how to reduce the number of weak points in your current IT set-up.

Every workstation or application you use has the potential to fail, taking important data with it when it does. Fortunately, there are ways to offset these risks. Adopting G Suite for storing email and documents, for instance, allows you to move that task away from your in-house server, placing the burden onto Google’s enterprise-grade, fail-safe data centres.

Even if your server is hit by a direct nuclear strike, your corporate data is still safe, secure and available using any internet-connected device. And it is these sorts of enhancements that will help your business survive a serious system outage. This is why Kimbley IT recommends businesses use Cloud services to work on, manage and store their business data. All of our clients are prepared in case disaster strikes. Are you?

Download your FREE IT Ultimate Disaster Recovery checklist to get started.
