
GDPR Week 3 – Data Security


It's week three of our GDPR journey together! We hope these bite-size chunks are helping to tame the beast that is GDPR and removing some of the fear of what's required. Please remember to share this email with anyone else who may be struggling with the concept of GDPR. It is important that we all take note of the new laws, and helping to remove the burden of technology from hard-working business people is the reason we get up in the morning, so we welcome sharing of our advice.

This week we will be focusing on best practice for ensuring data security. Under the new EU GDPR rules, you are responsible for how your data is stored and protected. Below are some recommendations to prepare your online systems for GDPR.

Recommendation 1 – Control Access to Data

As a data controller under GDPR, you are responsible for the data security technologies protecting the files stored within your IT systems. We have split this into three critical areas for your consideration.

  1. Prevent unauthorised access to data
    You must show how you have considered who has access to what information and that it is necessary for them to have that level of access.
  2. Have records of how data has changed
    It is essential to show an audit trail of data access, changes and deletion.
  3. Detect and report unauthorised access to data
    You must notify the ICO of a breach within 72 hours of becoming aware of the violation.

We recommend you secure your systems with access control lists and turn on file auditing. In addition to this, we have some solutions to address these issues and would be happy to help you enable this protection. Please reply to this email or give us a call to discuss this further.

Recommendation 2 – Remove Legacy Software and Hardware

There is a lot to be said about loyalty, but in this case, you may be doing yourself a disservice. Software and hardware that are not receiving regular data security protection are probably one of the most significant risks to your organisation’s data compliance and security.
Under GDPR you must ensure that you protect your data, and regular security patching is part of this. If a device or software system is no longer receiving security patches, then any exploits could leave your systems open to a breach, as happened to the NHS in the WannaCry outbreak.
We recommend doing an audit of all software and hardware in your organisation, so you know what is current and what is legacy, then replace the old kit. We already do a lot to keep your systems as up to date as possible, so this requirement should be another easy win. If you would like help with this, give us a call or email to discuss further.

Recommendation 3 – Run up to date Anti-Virus and Antimalware

In today's business environments, running up-to-date Antivirus and Antimalware software is a necessity for all of us. GDPR reinforces this through its requirement to protect all personal information.
If you're already a client, then it's highly likely we already regularly monitor this protection and proactively fix any issues you have with Anti-Virus and Antimalware. If you are not currently part of our proactive ecosystem and would like us to monitor your systems, give us a call or email to discuss further.

Recommendation 4 – Regularly update all software to ensure all known vulnerabilities are not present

Security and feature updates are now commonplace in the IT industry. The most commonly known example would be Windows Updates. We recommend you regularly update your machine, including downloading any updates for software installed on your computer. GDPR requires you to use your best endeavours to protect data, and running regular updates is a core part of your IT system's security.
If you're a client, we can monitor your system and make sure you're always running the latest version. If you would like us to track your systems, give us a call or email to discuss further.
