Data privacy has always been important but in the era of the home office and remote working, there are even more factors to consider. Today, on Data Privacy Day 2021, the theme is becoming more “privacy aware” and for more businesses to “respect privacy”. To mark the event, Infuse have complied a list of key considerations for your business.
Protect what you collect – and only collect what you really need. To avoid hefty fines and being named and shamed by the ICO, make sure the personal data your business is collecting is only stored and used for relevant and legitimate purposes whilst adhering to GDPR rules and regulations. By prioritising data privacy, you can not only avoid financial penalties, but avoid damage to your business’s reputation.
Ensure your company has a documented (and strictly adhered to) data protection policy and remember, data protection rules apply to all personal information you keep – this includes employee and recruitment data.
It’s also worthwhile to remember that although we are no longer in the EU, GDPR rules still apply.
Communication is key – With a string of high-profile data breaches hitting the headlines in recent times including BA, Marriott and most recently the Police National Computer incident. Consumers are now more than ever aware of what they are sharing and how their data is being used. By remaining transparent and keeping customers updated on steps you’re taking to keep their data safe, this results in a building a trusting relationship with even the most sceptical of customer and develops a stronger brand reputation for taking data security seriously.
Educating employees – With more and more businesses now operating remotely , it is imperative that employees understand what measures to take to protect data privacy and reporting incidents in the event of a breach. By having correct reporting procedures in place, future breaches can be avoided and problems in your current data protection strategy can be rectified quickly and can help your business stay safe online.
Password hygiene – Passwords will soon be a thing of the past, with technology like Windows Hello and Security Keys becoming more mainstream, but in the short term they are here to stay. Your passwords should be long, a password to access clients and customers data should be over 12 characters, guidance from the NCSC has stated for a while that a long password that doesn’t change unless compromised is better for security than a shorter complex password such as Passw0rd1! You’ll find it awkward to use and won’t use it anywhere else!
Multi-factor authentication (2FA) – Multi-factor authentication is an additional layer of security that requires multiple forms of verification before access to business accounts is granted. If passwords are easily guessed or compromised, 2FA is an extra step businesses can take to further protect their data, and show they take data privacy seriously – for more information on our security services, take a look here.
Source National Cyber Security Alliance
Data protection is a particularly high priority for us at Infuse. Our team can validate your existing security practices while advising on new and improved processes to get your business in line with the requirements of your clients and regulations.
If you’d like to discuss data privacy, GDPR or any other security services, please get in touch at [email protected]