In the week the UK topped the G7 league of broadband availability, the government has announced vital steps to curb the growth in security threats associated with always-on connectivity.

The Home Office launch of ITsafe, a major IT security initiative aimed at protecting small businesses and home users against hackers and viruses, has two main goals.

First, it wants to restore consumer and small business trust in ecommerce, which has been dented by horror stories about phishing and other forms of online identity theft.

Second, it is striving to protect internet-reliant parts of the critical national infrastructure (CNI), such as government web sites, banks and transportation, from electronic attacks and hacking by criminals and terrorists.

By offering basic, easy-to-understand advice about the importance of personal firewalls, anti-virus and patch management, as well as instant email and text message alerts warning of major security risks, the government believes it will be able to cut cybercrime.

Police monitoring of internet chatroom exchanges between criminals suggests that simple steps, such as activating Windows XP Service Pack 2's firewall defaults, have already reduced the potential for compromising home and business PCs and creating 'bot' armies used for denial of service (DoS) attacks, by up to 25 per cent.

'We need to up the security game of ordinary citizens, because if they fall down on information security then their compromised machines can be used against us,' Roger Cumming, director of the government's National Infrastructure Security Co-ordination Centre (NISCC), said last year (Computing, 14 October).

Cumming now says he has delivered on his promise, with NISCC acting as the main information supplier for security threat notifications posted on the ITsafe web site.

'Security on home PCs and small businesses is important not just for them, but for the CNI,' he told Computing this week. 'If ITsafe helps reduce the number of home and small business PCs compromised this will help the CNI, by potentially cutting down on DoS attacks.'

Detective Sergeant Steve Santorelli, at Scotland Yard's Computer Crime Unit, says that, as larger organisations strengthen their IT security, criminals will look for the weakest link.

'Criminals that use computers to commit crime are much like burglars, in that they will often go for the least well-protected victim. If your house is well protected, the thief might avoid it and break into another, less well-protected house elsewhere,' he said.

'It's the same with computers: if you have a fully-patched operating system, a software firewall and a regularly-updated anti-virus package, you are relatively well protected and far less likely to be attacked than a computer user that has not acted as responsibly to protect their machine.'

By checking advice on the ITsafe web site and signing up to regular alert warnings, Cumming hopes consumer and business users will have fewer fears about ecommerce.

'People hear things about the growth in viruses and worms and they don't want to go online, but through this initiative we want to show there can be a safe balance,' he said.

Philip Virgo, secretary general of parliamentary lobby group Eurim, says awareness is vital, but smaller firms need help finding the right IT partners.

Last week Eurim and the National Hi-Tech Crime Unit (NHTCU) co-published a security advice booklet for small businesses. Virgo said: 'The big problem is availability of security products and services that small businesses can actually understand. They also need help finding people of a known quality who they can call to fix a problem.

'At the moment it's difficult for a small firm to find out whether its machines have been patched successfully or have been hijacked. As a result, they're avoiding using online banking and other electronic tools.'

Virgo says ecommerce organisations must follow ITsafe's lead and help home users and small businesses to secure their computers, and overcome security fears. PC retailers need to provide security services at the point of sale, and ecommerce sites need to do more to educate users, he says.

'If a bank wants you to use their online services, they should also have a register of trustworthy security consultants that can help their customers,' he said.

ITsafe plans to work with egovernment portals and private sector CNI organisations, including online banks and utilities firms, to do just that, and will promote the service through their web sites.

By doing so it hopes to bring consistency to the security advice offered by ecommerce web sites.

To lower the bar for security- conscious home and small business PC users, ITsafe is drawing upon the public-private sector Project Endurance advertising initiative to offer easy-to-understand, lower-cost security.

'Protecting you, your business and your staff from the most common electronic threats may cost a lot less than you spend on locks and alarms for your shop or office,' said Tony Neate, head of industry liaison at the NHTCU.

What is ITsafe?

ITsafe is a government initiative intended to provide small businesses and home users with tried and tested, easy-to-understand advice on protecting computers and phones from malicious attack.

Home Office minister Hazel Blears, who is responsible for crime reduction and community safety, launched the web site this week.

The Cabinet Office Central Sponsor for Information Assurance will run the service on a daily basis, with the National Infrastructure Security Co-ordination Centre providing security alerts.

It provides guidance for users of the Windows and Apple Mac operating systems, as well as for users of PDAs and smartphones running WinCE, PalmOS, or Symbian OS.

As internet usage increases on other machines, ITsafe will extend to cover more devices, such as digital TV, games consoles, fridges and washing machines.

See www.itsafe.gov.uk

What do you think? Email feedback@computing.co.uk

If you want to be first with the news, visit Computing every day.