IT Risk & Security : An Executive Overview

Small and Medium Enterprises (SMEs) are a priority focus area for government economic policy and are considered to be of key importance to socio-economic growth in South Africa. SMEs are usually born out of entrepreneurial passion and limited funding, with business systems that are often heterogeneous and independent. Moreover, tangible and intangible business assets of SMEs are rudimentary defined, and the value of such assets is often only partially known. Typically this is the case with one of the most important assets, namely, information.

Much like any other business asset, information needs to be strategically managed and protected. Information security is the protection of information within a business, including the systems and hardware used to store, process and transmit this information. It is imperative that SME business leaders understand the value of information contained within their business systems and have a framework for assessing and implementing information security. Numerous internationally approved security frameworks and schemes may be implemented to safeguard an organisation against information loss and potential liability. Since these frameworks are complex, all embracing, and ultimately costly to implement, they are mostly adopted by large organisations.

Usually, due to the dynamic and ad hoc development of many SMEs, neither integration nor security issues are systematically addressed in the building-up phase. Thus, policies and frameworks for information security planning and disaster recovery are usually very rudimentary or even nonexistent. It is often the case that the basic understanding of information security risk in SMEs does not extend much beyond viruses and anti-virus software. Inadvertent threats pose some of the highest information security risk to SMEs, and yet personnel training and awareness programmes are often neglected.

Survey results reveal that the level of information security awareness among SME leaders is as variable as the state of their information systems, technology and security. Although a minority of SMEs do embrace security frameworks such as ISO / IEC 27001 or the International equivalent ISO 17799, most SME executives have not heard of security standards and consider information security only as a technical intervention designed to address virus threats and data backups. Far from blaming SME executives for not understanding the critical issue surrounding information security, research concludes that SME leadership needs to engage, understand and implement formal information security processes, including technical and organisational measures. Without such measures, their organisations may be severely impacted by inadvertent threats / deliberate attacks on their information systems which could ultimately lead to business failure.

Based on the contents of this information package SMEs will be able to perform risk assessments on their environments, select and apply suitable measures for performing and managing information security related risks. In this document we assist SMEs in defining such an effort, in deciding the way to initiate and perform it and, if they have sufficient resources, we provide guidelines for performing a self-assessment of information risks. For this purpose, we offer a simple risk assessment method that leads to a quick and encompassing identification and mitigation of information risks.

The assessment method presented in this document is based on a simplified model that has been generated for small organisations which share certain common characteristics. First, their organisational structures are relatively flat, and people from different organisational levels are accustomed to working with each other. Second, people are often required to multi-task, exposing staff members to the entire variety of processes and procedures used across the organisation.

Big Business Server solutions for the SME

Designed and priced for small businesses, Windows Small Business Server 2011 is an affordable server solution to help your business run more efficiently. It provides core functionality for:

  • Networking
  • Server and PC Backup
  • Security
  • Advanced e-mail and calendar capabilities
  • Database and line-of-business support
  • Document and printer sharing
  • Remote Access

Windows Small Business Server offers you a server solution with reduced complexity and increased manageability over traditional enterprise servers, helping you to focus on running a more efficient business.

Small Business Server Solution


Simplify Small Business IT
Simplified Purchase and Setup. Identify, purchase, install, and manage multiple components and technologies together in an interoperable single-server experience.
Simplified Management. Reduce administration costs by using an intuitive management interface, one that presents relevant system information and a matching set of tasks.

Increase Business Productivity
Remote Web Access. Remote Web Access provides a single, simple, consolidated, and highly secure entry point into a small business network. Access files and documents from inside and outside the business through any common web browser.
Desktop Synergies with Windows 7 and Office 2010. By combining Windows 7 and Microsoft Office 2010 with Windows Small Business Server 2011, you will have the IT foundation you need to be more efficient and effective, to easily collaborate with your peers, to work remotely, and to feel confident that all your critical business data is protected.
Mobile Device Support. Integrated setup features configure collaboration services so that you can easily add Windows Phone or other Internet-enabled phones.
Run Business Applications. Supports critical line-of-business applications and runs them on a secure award winning platform.
Tailored to Online Services(1). Provides a cross-premise solution, allowing small businesses to retain core infrastructure and enables simple, single sign-on experiences with cloud-based services.

Help Protect Business Data
Simplified Backup for Business Data. Businesses can easily backup server and client data to external and/or internal hard drives.
Network-wide Protection. Complete, network-wide security with integrated state of the art protection technologies.
Client Protection. Monitors client computers for antivirus status, update compliance, and overall security health.
Full Client Backup. Performs a daily, automatic, backup of every computer on a network and the server itself.

Greater Business Insight
Information Organization. Streamline document access and control information sharing using a centralized data repository that can be accessed from any computer on the network.
Enhanced Support and experience for Line-of-Business With Premium Add On Applications. Run a vast number of line-of-business applications on a second server, and enjoy a powerful data management and analysis

Contact us to start enhancing your IT experiance

Are you unhappy with your current IT Support or IT Service provider?

Many SMME and SME companies do not have an official IT department in place and this function is normally run by non-IT staff. If this function is outsourced is primarily serviced by a junior ‘clicker’ or a IT Service Provider that is over charging and under delivering for IT Services without allowing the SME to understand what exactly has been done. Traditionally speaking, a closed book approach is often used making the SME dependent on their outsourced IT support. These IT providers get away with this as the SME is often too busy trying to run their business.

Green Apple IT (GAIT) provide our clients this service with a reporting function allowing our clients to be educated at the same time. With no additional cost to company, we believe that by educating an internal resource reduces the smallish IT niggles e.g. basic desktop / user error, printer set up etc which would normally be deducted from the standard industry hourly support fee.

At GAIT we manage the IT requirements of your company with regards to design, supply, implementation, advice and services which redefines and increases productivity across all business functions

Our success factors come from a few KEY strengths;
• High levels of professionalism and established internal support infrastructure
• Years of experience in the IT industry
• Direct access to all the leading manufacturers
• Best practice procedures & compliance

IT benefits;
• Prompt telephonic response and remote support
• Daily support available with immediate business critical support service in place
• High level technical solution relating to desktop operating systems, desktop applications, server’s, network operating systems

Network Design;
• Documentation of design and implementation plans
• Recommendations for deployment, design and / or quality of present and or future projects
• Detailed recommendations on hardware and technology roadmaps for future growth
• Post installation assessments and audits

Technology deployments are run as tightly scheduled projects with;
• Set deadlines
• Measurable goals
• Ongoing monitoring
• Audits

Contact us here…


Desktop Support Solutions

Remote Desktop Support
Desktop support when you need it most by someone that actually knows how to help, remotely without you having to wait.

On-site Desktop Support
When you need that friendly face, helping you through the frustrations you may be facing, we will assist.

Server & Infrastructure support
Preventative maintenance to look after the most important IT hardware in your business.

IT Service Management
What would all of this be with out structured management of the service? Best practices in the IT industry ensure that you and your business interests.


Anti-Virus solutions that work for your business


Software is used to prevent, detect, and remove malware, including computer viruses, worms, and trojans

To prevent e-mail spam, both end users and administrators of e-mail systems use various anti-spam techniques

Is a form of computer malware that deceives or misleads users into paying for the fake or simulated removal of malware

A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications