Thanks for replying so soon.
I have pointed this out to the MD and IT manager already. However they had already discussed it. This a is a very close-knit company. Basically I have been told that they do not care about such risks.
So how can it be done?
Thanks to all in advance – John