According to a report by Computer Weekly, the Information Commissioner's Office (ICO) has dealt with more data breach reports and issued more fines in the past year than ever before.
A half of all information security breaches are due to human error, more often than not, by people not understanding the policy.
With tough penalties of up to €50m under the GDPR, there has never been a bigger incentive to get data security right.
We have 10 simple tips that will help to improve your data security.
1. Familiarise yourself with your company's IT rules
That includes all procedures and policies relating to information security, privacy and confidentiality. You can't fully protect yourself and your firm if you don't know what to do.
2.Be clear about your responsibilities
Know what data you are responsible for, what you are allowed to do with it and what you aren't.
3. Take extra care when taking data offsite
Only do this if it is absolutely essential; make sure that any data is encrypted or password-protected; and ensure that it's returned or deleted after use.
4. Only use secure networks to access or transfer data
Accessing your company's network via unsecured networks, including public WiFi hotspots outside of your office will make you more vulnerable.
5. Only share information on a 'need to know' basis
Avoid forwarding data to groups of people and take care typing email addresses to avoid sending data to the wrong recipient.
6. Understand and check document classifications
(eg - Private, Confidential, Public, etc) and privileges - Even people in the same department or function may have different access rights so check who is entitled to what and how documents are classified before sharing them.
7. Follow the password rules
Use strong passwords and change them regularly; avoid sharing your password with anyone else as your password may give others access to restricted information.
8. Only use work devices to process work information
That means any information relating your job, including emails, documents and instant messages. Avoid forwarding data to your personal email or smartphone or using personal devices and connections for printing etc.
9. If you're not sure how to protect your firm's data, ask
You can get more advice and support from the IT department or your manager.
10. Never conceal data losses or breaches
If you make a mistake, tell your manager or IT department immediately so your firm can act quickly to limit their losses.
Want to know more about Information Security?
As well as 50+ free compliance training aids, we regularly publish informative Information Security blogs. And, if you're looking for a compliance training solution, why not visit our Compliance Essentials course library.
If you've any further questions or concerns about Information Security, just leave us a comment below this blog. We are happy to help!