Nine easy steps to follow to end e-crime for SMEs

Industry, the police and government departments need to work together if small and medium-sized businesses, the core of all...

Industry, the police and government departments need to work together if small and medium-sized businesses, the core of all corporate supply chains, are to tackle the growing menace of e-crime more effectively.

Two groups, Parliamentary/industry IT lobby group Eurim and IPPR, the influential left-of-centre political think-tank, this month came up with nine clear recommendations.

In summary, the recommendations are:

  • The National Hi-Tech Crime Unit should take the lead by providing a one-stop shop for information

  • A basic "green cross-code"-style awareness programme is needed for SMEs

  • The Department for Further Education and Skills and the learning and skills councils should mandate IT security modules in all publicly-funded IT training

  • All mass market IT user skills programmes, such as the European computer driving licence, should include specific IT security sections

  • The Home Office, Department of Trade & Industry and the DfES should co-operate in giving practical advice to groups of small firms about IT security issues

  • The Home Office should mount a nationwide publicity campaign highlighting the need for IT security

  • Government should encourage IT security accreditation schemes, perhaps building on existing qualifications offered by the British Computer Society or Infosecurity Europe

  • Suppliers' associations such as Intellect should get their members talking about providing better levels of security

  • All bodies training IT technicians should review course material and include mandatory and practical content on IT security.

"The issues around e-crime are similar to all organisations and their solution is a non-competitive issue," said Chris Devine, information security manager at Camelot, who chaired the Eurim group which came up with the recommendations.

"This is a good report because it tackles the issue in a realistic way," said the Earl of Erroll, a member of the group. "Regulation does not work because criminals are proactive whereas the law is reactive, therefore people have to defend themselves."

Devine is confident government departments can work together effectively on these recommendations because they are easier than they think. "The paradox is that because the message is so simple, government departments see work involved that is not there. It really is a simple exercise," he said.

What is Eurim?

The European Informatics Market (Eurim) is a Parliamentary/industry lobby group which identifies the IT implications for ideas on legislation in Brussels or Westminster.

Under the chairmanship of MP Brian White, previously an IT professional at Abbey National, Eurim flashes up early warnings in its workshops which comprise users, suppliers, consultants and parliamentarians.

It has scored notable successes, most recently in cutting back on the number of amendments needed on the Communications Bill, and thereby speeding its passage through Parliament.

Read more on IT for small and medium-sized enterprises (SME)