
GDPR Week 4 – Best practice for ensuring data security


It’s already week four of our GDPR journey together! You are probably bored of us banging on about the things you need to do to be compliant, but do stick with us. We are nearing the end! Many of you will have already started to tackle your GDPR responsibilities and be well on your way to being compliant. For those who haven’t…there is still time to get a plan in place. Even if you are not completely ready by the 25th of May, having a corrective plan in place will help your cause, so don’t panic.

This week we will be focusing on best practice for ensuring data security. Under the new GDPR rules you are responsible for how your data is stored and protected. Below are some recommendations to prepare your online systems for GDPR.

Recommendation 1 – Have good Backups with a regular restore to confirm that the data is correct

Backup is like an insurance policy: you don’t want to pay for it, but you must have it in case the worst should happen. As part of your disaster recovery solution, you should already be creating and storing a backup of your data with a copy being held off-site. GDPR builds on this best practice by making it a requirement for you to be able to restore your data promptly in the event of data loss or corruption.

We have two recommendations to help satisfy the extra responsibilities:

  1. Use a cloud backup solution called Datto. These systems are incredibly smart and offer excellent data resilience.
  2. Perform regular test restores. It is one thing having a backup…it is another to know that it will work when you need it. Don’t wait until you’re in a disaster recovery situation to find out if your backup works!

Recommendation 2 – Protect network access by Separating Corporate Machines and devices from personal devices

Who doesn’t like a bit of free wi-fi? It saves your data allowance and probably gives you faster speeds. So it is no surprise that most people will connect their mobile phone to their work wireless network, or that a visitor might ask for access. The problem with this is that you now have lots of additional unknown devices connected to your system. Under GDPR it is your responsibility as the data controller to know who has access to what on your network, so it is not a good idea to have personal devices on your corporate system.

If you still want to allow personal devices access to your internet connection, we can create a separate guest network for your employees and visitors to use, which stops them from being able to see any of your corporate machines and so removes any risk they might pose. Most of you will already have this facility…it’s just a case of switching it on. If you would like us to do this, please let us know.

Recommendation 3 – Create a secure area for sharing data with third parties (Subcontractors/Suppliers)

Sharing data with third parties is a vital aspect of most businesses. GDPR, however, changes the relationship you have with third parties, making you both liable for the protection of the data you share. This means that you have to think about the systems you use to pass on information and how you secure access to these systems.

If you are regularly exchanging information with a third party, we recommend that you adopt a secure storage area which has access controls. This enables you to keep full control of your information! We have many solutions tailored to different needs, so if this is something you are interested in, please do get in touch.


Recommendation 4 – Check your marketing data to ensure it conforms with the GDPR Requirements

No one likes junk mail, and one of the more publicised parts of GDPR is how it now protects consumers against receiving unsolicited marketing. This is great news for consumers, but it adds a few requirements for any of you who perform this kind of marketing activity. You will need to get renewed consent for all of your existing marketing contacts. The ‘gold standard’ of consent is called double opt-in, which means that in addition to a customer signing up through a web form, they need to confirm that they wish to receive your correspondence by clicking a confirmation link in a follow-up email before you can market to them.

We recommend that you use your existing email marketing system to send a new opt-in email to all of your existing contacts using the new consent model. Remember you will be unable to use current lists after the 25th of May if you don’t do this!
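
The double opt-in flow described above, as an added sketch that is not part of the original post or of any email marketing product: the sign-up is stored as pending, the emailed link carries an HMAC-signed token, and marketing is allowed only after a valid, unexpired token comes back. The key, the 48-hour expiry, the in-memory `consent_log` and all function names are assumptions made for the example.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # assumption: real key comes from a secret store
TOKEN_TTL = 48 * 3600  # assumption: confirmation links expire after 48 hours
consent_log = {}  # hypothetical store: email -> consent record (audit evidence)


def _sign(email, issued):
    msg = f"{email}|{issued}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()


def request_opt_in(email, now):
    """Web form submitted: record 'pending', return token for the emailed link."""
    email = email.strip().lower()
    consent_log.setdefault(
        email, {"status": "pending", "requested_at": now, "confirmed_at": None})
    return f"{now}.{_sign(email, now)}"


def confirm_opt_in(email, token, now):
    """Confirmation link clicked: accept only a valid, unexpired token."""
    email = email.strip().lower()
    record = consent_log.get(email)
    try:
        issued_text, sig = token.split(".", 1)
        issued = int(issued_text)
    except ValueError:
        return False
    if record is None:
        return False
    if not hmac.compare_digest(sig.encode(), _sign(email, issued).encode()):
        return False
    if not 0 <= now - issued <= TOKEN_TTL:
        return False
    record.update(status="confirmed", confirmed_at=now)
    return True


def may_market_to(email):
    """Only confirmed addresses may receive marketing email."""
    record = consent_log.get(email.strip().lower())
    return record is not None and record["status"] == "confirmed"


if __name__ == "__main__":
    token = request_opt_in("alice@example.com", now=1_000)  # constructed sample
    print(confirm_opt_in("alice@example.com", token, now=2_000))
    print(may_market_to("alice@example.com"))
```

The timestamps kept in each record are what lets you show when consent was requested and when it was confirmed.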
