GDPR and data loss prevention: Keeping your data safe

Alongside our GDPR events schedule we’re also publishing a series of blogs throughout August focusing on the IT security element of GDPR, and demonstrating why it should be the first step on your journey towards compliance. 

This blog is the second in the series, you can read the first blog ‘Wrapping IT security around your online environment is crucial’

As the April 2018 deadline rapidly approaches, we’re helping UK businesses to understand how they can use technology within their businesses to comply with GDPR.

TSG is hosting a GDPR event which will cover 4 key areas: discover, protect, manage and report. This event will be showing you how to manage end-to-end GDPR compliance using technology. Come and speak to our experts at 3 locations across the UK: Newcastle, Manchester and London, you can sign up here.

Why is keeping corporate data secure so vital?

It may seem like an obvious one, however it’s a question that many businesses fail to ask themselves; unfortunately in many cases they then fall victim to malicious cyber-attacks such as Ransomware (read about Ransomware). As the pace of technology moves so quickly you can see how reliant we have become on business data being accessible. Losing your email means a loss of communication, losing your documents means no information on hand and jeopardising business-sensitive data. Loss of PC function and it’s game over.

Long gone are the days of having purely physical data, as we’ve ushered in a new era of information storage. IT security comes hand-in-hand with this new way of working. There are key considerations we must take into account such as having robust IT security measures in place and staff awareness.

Years ago, when data was stored primarily in files (the lever arch variety, not digital), they would be put into a filling cabinet and stored with others in a secure office environment. The cabinets would be under lock and key and the room would also be locked down. Now we’ve moved files into an online environment we must take action to ensure their safety and not assume they are automatically protected – this simply isn’t true.

Where does IT security fit into GDPR?

GDPR requires UK businesses to implement technical and organisational measures in order to protect the Personally Identifiable Information (PII) they hold.

When it comes to GDPR IT security should be one of the first, if not your first, consideration. I like to view it as shutting and locking the doors to your home. That’s the first step towards a secure home environment – it’s the same message with GDPR. Lock down your data.

How to keep your data safe

There are a number of ways you can do this. Firstly, encryption proactively protects your data by continuously validating the user, application and security identity of a device before allowing access to encrypted data. Businesses can also protect business data by implementing an anti-Ransomware product such as Intercept X, raising awareness among employees, adopting a security dashboard to manage your online environment such as Sophos Central and training your staff with a product like Phish Threat, all of these solutions are designed to safeguard your data and ensure business continuity. 

During our upcoming GDPR and Technology event we’ll be dissecting the IT environment and the best ways to keep your corporate data secure. This event will be held in 3 locations: Newcastle, Manchester and London. Our experts will be on hand to answer your questions. You can read more about our GDPR event here.