Data security impacts us all and it often seems that not a day goes by without another breach of customer data.
All businesses are required as part of their GDPR responsibilities to take data protection seriously so it is important, whatever the size of your company that you have a periodic review of your data security processes and increase measures when necessary.
In this article, we’re looking at why you should increase your data security and giving you 5 simple ways to make sure you are not putting your business at undue risk.
Why you should bother about data security
Many people thought that once the UK left the EU in December 2020 GDPR wouldn’t apply but nothing could be further from the truth.
In fact, GDPR still applies until the end of the transition period (known as ‘the bridge’) which is due in June 2021. Given the upheaval caused by COVID, it is entirely possible that this will be extended.
Although GDPR is an EU law, it has actually now been incorporated into UK data protection legislation, so if you hold personal data, you need to comply.
As we have seen in the last couple of years, the Information Commissioner’s Office (ICO) hasn’t been shy about levying fines on companies that break the rules, ending up in some cases with individuals receiving prison sentences.
Even if you don’t get a fine from the ICO, you may well suffer serious reputational damage and companies that lose their customers’ data can take a serious hit.
What can you do about data security?
Given that there is always someone out there trying to steal your data what can you do about it?
The first piece of advice is to stay up to date on the latest threats and don’t think that because you reviewed your security levels three years ago they are still valid.
There are some practical steps you can take right now to make sure that your data is kept safe from unauthorised access and use.
Step 1 – Establish strong passwords
It might seem unbelievable but in 2021 people are still using passwords that are obvious, simple to crack or just plain stupid.
Using the default password that came with your device is a definite ‘no-no’ (after all, everyone will have it) and using Password123 is asking to be hacked.
The same goes with PINs when you are using 2 Factor Authorisation. So no more “0000” or “1234”.
Most browsers have a password suggestion facility and you can use one of the many password saver apps that are available free of charge.
Step 2 – Develop a company-wide security mindset
Whilst you may be thinking about data security all the time, is the same true of your employees?
It’s important that everybody in the company thinks about the way that they use, process and transmit data and takes as much care as the boss.
Whether you have 5 people working for you or 500, the message is the same; data security matters.
Reward good data security behaviours and make it clear that people who put your business in peril have no place in the organisation.
Step 3 – Update your programs and apply patches regularly
You know those annoying times when Windows wants to do an update?
Or the time your network specialist says they want to close down your server?
Those are the times when an important security patch has been released to enable you to stay up to date and combat the latest threats.
Refusing to allow your computer to apply updates or let your IT person apply patches is a sure way to open up a big trapdoor to your data.
When you see an update, apply it. They may be inconvenient but it’s a lot better than having someone steal all of your customer data or insert malware onto your server.
Step 4 – Encrypt your devices
This sounds like it will be difficult and as a consequence people tend not to do it but in reality, encrypting your devices takes minutes and is often as simple as clicking a button!
For Mac users, search ‘turn on FileVault”, for Windows users its “BitLocker” and for Android it is Settings > Security>Encrypt phone.
Step 5 – don’t connect to public networks
Public networks are the perfect place for hackers to access your devices and data.
Whether that is at your local Starbucks, down at the shopping centre or at the airport, logging on to unsecured networks is just asking for trouble.
Even if you are using relatively safe browsers such as Firefox, you can still end up suffering a data breach when you are surfing the web.
Using a specialist VPN for Firefox will secure your connection so that you are not sending unencrypted data over insecure networks.
Or choosing a multi-device VPN will make sure that the data you send and receive is encrypted when it is sent over that dodgy-looking WiFi in the pub.
Data security- a matter of minutes
As we have seen, many of the methods to increase your data security are just ways to think differently about what you are doing or carrying out small actions that take minutes but could save you a lot of heartache.
Data security touches all parts of an organisation and it’s not just about implementing some high-tech solution. It is more often understanding where the threats are and how we can combat them.
As the saying goes “a journey of a thousand miles starts with a single step” so why not start now by encrypting your phone!