Over 4.5 billion data records have been breached this year, with human error being the leading cause of breached records.
Research shows that about 82% of data breaches in the UK involve a human element, including errors and misuse. These data breaches are part of a category known as accidental exposure, including inadequate security measures.
With tough penalties under the GDPR, there has never been a bigger incentive for businesses to get data security right and mitigate the risk of data breaches.
We have 10 simple tips that will help to improve your data security.
That includes all procedures and policies relating to information security, privacy and confidentiality. You can't fully protect yourself and your firm if you don't know what to do.
Know what data you are responsible for, what you are allowed to do with it and what you aren't. By knowing your responsibilities, you can take ownership of the data you handle.
Only do this if it is absolutely essential; ensure that any data is encrypted or password-protected, and ensure that it's returned or deleted after use. Before sharing any data, it is important to encrypt it.
Accessing your company's network via unsecured networks, including public WiFi hotspots outside your office, will make you more vulnerable. Keep this in mind when accessing or sharing any data.
Avoid forwarding data to groups of people, and take care typing email addresses to avoid sending data to the wrong recipient. Protecting the data you are responsible for is important, only distributing it to those who absolutely need access.
People in the same department or function may have different access rights, so check who is entitled to what and how documents are classified before sharing them. Use clear classifications such as Private, Confidential, and Public to grant privileges.
Use strong passwords and change them regularly; avoid sharing your password with anyone else, as your password may give others access to restricted information.
That means any information about your job, including emails, documents and instant messages. Avoid forwarding data to your personal email or smartphone or using personal devices and connections for printing etc.
If you're unsure about how to protect your firm's data, ask how to go about it to ensure that you are taking all necessary steps to maximise cyber security. You can get more advice and support from the IT department or your manager if you need clarification.
If you make a mistake, tell your manager or the IT department immediately so your firm can act quickly to limit its losses. There is nothing to be gained from hiding this information.
We’ve created a comprehensive GDPR roadmap to help you navigate the compliance landscape, supported by a comprehensive library of GDPR Courses.
We also have 100+ free compliance training aids, including assessments, best practice guides, checklists, desk aids, eBooks, games, posters, training presentations and even e-learning modules!
Finally, the SkillcastConnect community provides a unique opportunity to network with other compliance professionals in a vendor-free environment, priority access to our free online learning portal and other exclusive benefits.