Today (Monday 28 January 2019) is Data Privacy Day. Led by the National Cyber Security Alliance (NCSA), it is the one day where people across the globe are asked to think about the importance of respecting privacy, safeguarding data and enabling trust.
At Hollinbay we are dedicated to educating businesses on the importance of cybersecurity and data safety is no exception. To mark Data Privacy Day, here are eight ways to improve data protection in your business.
1. Improved password management
According to research carried out by Centrify, 81% of data breaches in 2017 were caused by passwords being hacked. What this means is, there are still a lot of people using passwords that are simple for cyber criminals to crack.
One of the easiest things you can do to improve data protection in your business is educate your employees on how to create strong passwords and make them the core of your data protection strategy.
We have a full blog post dedicated to creating safe and secure passwords but in short, employees need to avoid common phrases, names and places that have an emotional connection. Instead they should use random words, a mixture of numbers, letters, capitalisation and symbols, and use online generators to make passwords as hard as possible for hackers to crack.
It is also worth noting that using password management software such as Last Pass is a great way for employees to manage their passwords without risk.
2. Regular employee education
Your people are the biggest threat to your business’s cybersecurity, but they can also be its biggest protectors – if they understand it fully.
Regular communication with employees is a must, as they need to understand the potential impact in a language they understand. Platforms like company meetings, team briefings, newsletters and intranets are good places to start and it goes without saying that your cybersecurity and data protection policies need to be part of the onboarding process when new starters join your business.
We pulled together our biggest tips for educating employees on cybersecurityin a previous blog post which should give you some ideas for communicating the importance of data protection to your workforce.
3. Employ a data protection officer
As part of the recent change to the General Data Protection Regulation (GDPR), some businesses are now required by law to appoint a data protection officer. They are responsible for monitoring the organisations compliance as well as keeping up-to-date with legislation changes.
Although not every organisation needs one, it is good practice to appoint a data protection specialist to help you manage the security of your data.
The IT governance website has more information on what type of businesses need a data protection officer, and what their duties should be once appointed.
4. Get to grips with your data
One of the main benefits of appointing a data protection officer is to have at least one person in your business who knows your data inside out. If you were to be breached tomorrow, would you know which data is the most valuable to you? Which data would damage your business the most if it was lost? This is the data you need to focus the most on protecting, including limiting the number of employees that have access to it.
5. Become cyber essentials certified
Cyber Essentials is a government approved certification that helps you guard against the most common cyber threats, as well as demonstrating your commitment to cyber security.
Becoming Cyber Essentials certified reassures your customers that your technology is set up to protect you against attack, attracts new business knowing you have standardised measures in place and enables you to tender for Government organisations requiring Cyber Essentials certification.
Hollinbay can help you become Cyber Essentials certified by using qualified industry engineers to carry out a full MOT of your cybersecurity infrastructure, identifying and resolving all threats as part of the process.
6. Put a strong firewall in place
Your firewall is your first line of defence, so it needs to be strong. Hollinbay’s managed firewall service has been developed to give you superior protection and improved network security while guarding your hardware from unauthorised access.
7. Update your software
It might feel as if your software is continuously asking to be updated, but there is a reason for it. Developers are constantly finding new security threats that need protecting against.
One of the most important reasons to update your software is to protect your business from any security weaknesses and vulnerabilities. If you do not update it straight away and there is a delay in the security patches being available to you, it could make you vulnerable to hackers.
You should make sure all employees are aware that they need to update all the software they use day-to-day, including operating systems on devices and smartphones.
8. Reduce the security risk with Bring Your Own Devices
Bring Your Own Device (BYOD) encourages employees to access company emails and documents on their personal devices. The benefits to the employer are clear; reduced costs and improved productivity. But the one big negative is that the lack of control and ownership for the business leaves them susceptible to security breaches.
Solutions that improve data protection can include educating employees on the risks, dividing device space into a secure part for work, requiring users to have locked-down devices and on-device security software.