Information Security – Eliminate those Gnomes!


At Performance Plus we specialise in helping businesses to achieve certification against International Standards for many areas of business such as Quality Management, Environmental Management, Health & Safety Management and Information Security Management.

Personally, I spend most of my time helping businesses to improve their Information Security Management. They then subsequently gain ISO 27001 Certification for their management systems.

With the rise in working from home (WFH) due to current Covid-19 restrictions, there has been a similar rise in cybercrime. Cybercrime is undoubtedly a very real threat. And there are numerous (and sometimes extremely expensive) products being offered to combat and improve cyber security.


Information Security versus Cyber Security

So, what’s the difference between Information Security and Cyber Security? This is a question that I’m often faced with.

I like to illustrate the answer to this with a simple, domestic analogy.


Gnome Alone

Imagine you’ve decided to improve the security of your home. You install a sophisticated and expensive burglar alarm system with multiple sensors and cameras. You fit complex, multi-lever locks to all doors and windows – also expensive. These are the domestic equivalents of cyber security in a business.

You then decide to go away for two weeks holiday. But, before you go, you arrange for a couple of neighbours to come in to feed your cat. You need more than one because neither neighbour can commit to being there for the whole two weeks. To simplify things, you arrange to leave a door key under the cute plastic gnome called Dorky who sits by your front door. Dorky/door key, whoever would guess that?

You also explain to the neighbours that your alarm system is really quite simple to operate. They just need to enter a six-digit code on the alarm panel under the stairs and you’ve set that as your date of birth. You know they’ll remember because of that fantastic party you had last year to celebrate your birthday! And, in case they forget, there are all those great videos on TikTok to remind them of the date.

You then leave a handy message on Facebook telling all your contacts (and the whole world because you haven’t changed your security settings) that you’ll be away but that you’ll keep in touch via Facebook. You’ll also post your holiday snapshots on Instagram to make everyone jealous. That’s Information Security – or the complete lack of it!

The moral of the story (if it’s not already blindingly obvious) is that Cyber Security is very necessary but can be extremely expensive. Information Security can be really simple and cheap but, if you don’t check and apply it, it can completely negate your expensive Cyber Security systems.


Need to review your Security Management?

If you need someone to help you to improve your Information Security Management (and to eliminate all those metaphorical gnomes and stupid social media faux pas) then give us a call or email us:

Tel:                    01284 330400


We work with small to medium size businesses across the East Anglia Region.

Covering Norfolk, Suffolk, Cambridgeshire, Essex, Bedfordshire and Hertfordshire.