
GDPR Week 3 – Data Security


It's week three of our GDPR journey together! We hope these bite-size chunks are helping tame the beast that is GDPR and removing some of the fear of what’s required. Please remember to share this email with anyone else who may be struggling with the concept of GDPR. It is important that we all take note of the new laws, and helping to remove the burden of technology from hard-working business people is the reason we get up in the morning, so we welcome sharing of our advice.

This week we will be focusing on best practice for ensuring data security. Under the new EU GDPR rules, you are responsible for how your data is stored and protected. Below are some recommendations to prepare your online systems for GDPR.

Recommendation 1 – Control Access to Data

As a data controller under GDPR, you are responsible for the security of the files stored on your IT systems. We have split this into three critical areas for your consideration.
  1. Prevent unauthorised access to data
    You must show that you have considered who has access to what information and that it is necessary for them to have that level of access.
  2. Have records of how data has changed
    It is essential to show an audit trail of data access, changes and deletion.
  3. Detect and report unauthorised access to data
    You must notify the ICO of a breach within 72 hours of becoming aware of the violation.
We recommend you secure your systems with access control lists and turn on file auditing. In addition to this, we have some solutions to address these issues and would be happy to help you enable this protection. Please reply to this email or give us a call to discuss this further.

Recommendation 2 – Remove Legacy Software and Hardware

There is a lot to be said about loyalty, but in this case, you may be doing yourself a disservice. Software and hardware that are not receiving regular data security protection are probably one of the most significant risks to your organisation’s data compliance and security.
Under GDPR you must ensure that you protect your data, and regular security patching is part of this. If a device or software system is no longer receiving security patches, then any exploits could leave your systems open to a breach like the one the NHS suffered in the WannaCry outbreak.
We recommend doing an audit of all software and hardware in your organisation, so you know what is current and what is legacy, then replacing the old kit. We already do a lot to keep your systems as up to date as possible, so this requirement should be another easy win. If you would like help with this, give us a call or email to discuss further.

Recommendation 3 – Run up-to-date Antivirus and Antimalware

Hopefully, in today’s business environments it goes without saying that we all need to run up-to-date antivirus and antimalware software. GDPR reinforces this through its requirement to protect all personal information.
If you’re already a client, then it’s highly likely we already monitor this protection regularly and proactively fix any issues you have with antivirus and antimalware. If you are not currently part of our proactive ecosystem and would like us to monitor your systems, give us a call or email to discuss further.

Recommendation 4 – Regularly update all software so that known vulnerabilities are not present

Security and feature updates are now commonplace in the IT industry. The most commonly known example would be Windows Updates. We recommend you regularly update your machine, including downloading any updates for software installed on your computer. GDPR requires you to use best endeavours to protect data, and running regular updates is a core part of your IT system’s security.
If you’re a client, we can monitor your system and make sure you’re always running the latest version. If you would like us to track your systems, give us a call or email to discuss further.
