Skip to main content
Back to News

GDPR – How secure is your data?

25th April, 2018

Every company has a different set up, with different systems, software etc, so there is no substitute for getting an expert in to verify if you have done all you can to secure your data.

As you will no doubt know, both from our previous blog post, and the numerous emails you’ve received about GDPR, data is everything.

Regardless of the reason for you holding data, under the GDPR guidelines there is an increased need to demonstrate you are holding all of your data securely. And by that, we mean your employees’ data, your own business data and that of your customers and prospects.

There is no one size fits all answer to security. But here are some easy steps you can take:

Oh, before we launch into those, we’re aware that we have used some “techie” phrases in here. As you know, we like to talk plain English wherever possible, but sometimes we can’t avoid it, so here’s a quick heads up on what we mean, before you dive into the easy steps…

Encryption –this is just fancy speak for protecting something (an email, a file or the whole computer). The data/file contents are scrambled into an encoded format using an algorithm and unlocked using a password, so only authorised personnel can access it. There are different levels of encryption, dependent on the nature of the business, but our recommendations are based on standard B2B companies. We can give you additional advice if you work in healthcare or finance, for example.

So, onto the easy steps…

Disk encryption for desktops and laptops:

This provides a layer of protection for the whole computer, requiring you to use a password before the machine boots up properly. If you run Windows 8 or 10 Pro or Enterprise BitLocker is included, and is a very good option for this. BitLocker is also available with the Enterprise version of Windows 7.

If you run Macs, then FileVault 2 is available in OS X Lion or later, which does a similar job.

We also work with Sophos, who provide anti-virus & security solutions. Sophos can integrate with Bitlocker to provide you with a managed solution.  The advantage with this option is that you can run it across your whole network – managing both desktops and Macs to ensure everybody’s machine is protected.

This will make it very difficult for anybody to access the machine, if your desktop is stolen, or a member of staff leaves a laptop somewhere.

Email encryption:

Whenever you send any kind of data with personal information, or company sensitive info, you should always send this via encrypted email. The best way to do this is via Office 365 – although some encryption is available with every plan, full encryption is only available with the E3 plan.

There is a little bit of setting up required, including a couple of adjustments on your domain name, so do let us know if you need some help.

If you don’t run Office 365, then clearly we need to talk! Only joking, well actually we are not, we should talk, but in the meantime, there are third party applications that can provide encryption too. 

File encryption:

In general, data is more secure when stored on your individual desktop, than it is in the cloud. Whilst it isn’t necessary to protect individual files if you follow the steps above, you can use the Microsoft built in encryption tools to password protect particularly sensitive files.

Remote access security:

When you have remote workers, who may work in unsecured environments such as public areas and cafes, you should consider additional security measures. One way of doing this is through something called two factor authentication. You would have a device that generated a new 6-8 digit password every 60 seconds, which you need to sign into the network. This is used in conjunction with your password, so if anyone sees you type your password, the next time you sign in the code has changed – this ensures the person signing in to the computer is who they say they are. If you work in a regulated environment, or hold sensitive data, this is particularly relevant to you.

Password creation:

And, a word to the wise here, there are lots of schools of thought on the creation of passwords, but you should ensure security is tied into at least one of your company policies. No employee should have post-it notes with passwords stuck to their monitors. And no member of staff should be using generic passwords such as pas sword123 – the most commonly used password in the US!

Every company has a different set up, with different systems, software etc, so there is no substitute for getting an expert in to verify if you have done all you can to secure your data.

If you would like a review of your IT security, please contact us on 01784 437 123.

Related articles

Data is your responsibility – even if you outsource!

In today's digital age, data is a valuable asset for any business. It can be used to drive growth, improve customer engagement, and gain a competitive advantage.

Read More

Embrace the AI-powered future of work

Transform your daily workflow with Copilot for Microsoft 365, seamlessly integrated into familiar tools like Teams, Word, Excel, and more. This next-gen AI, powered by extensive language models and your Microsoft Graph data, turns natural language into a potent productivity tool. Elevate creativity and efficiency with Copilot, revolutionizing the way you work.

Read More

Building a Collaborative Environment with Microsoft Teams 365

In today's fast-paced business world, effective collaboration is crucial for success, regardless of company size. Microsoft Teams 365 is a powerful tool that streamlines teamwork, boosts efficiency, and simplifies communication. Recent data shows its user base grew from 300 million to 320 million in 2024. Offering chat, video calls, file sharing, and seamless integration with…

Read More

Safeguarding Your Data: Backup and Recovery with Azure

Microsoft Azure offers robust backup and recovery solutions that can help you ensure business continuity and peace of mind..

Read More