10 Tips to Improve Data Security

Posted by

Lynne Callister

on 14 Jun 2022


Over 5 billion data records were breached last year, with internal error the leading cause of breached records.

10 Data Security Tips

Research shows that about 80% of data breaches in the UK result from human error. These data breaches are part of a category known as accidental exposure, including inadequate security measures.

With tough penalties under the GDPR, there has never been a bigger incentive for businesses to get data security right and mitigate the risk of data breaches.

We have 10 simple tips that will help to improve your data security.

Data security tips

  1. Familiarise yourself with your company's IT rules
  2. Be clear about your responsibilities
  3. Take extra care when taking data offsite
  4. Only access or transfer data via secure networks
  5. Only share information on a 'need to know' basis
  6. Understand and check document classifications
  7. Follow the password rules
  8. Only process work information via work devices
  9. If you're unsure how to protect your firm's data, ask
  10. Never conceal data losses or breaches
Free GDPR Self-assessment QuestionnaireAccidental breaches often occur when employees share sensitive information via email or file sharing. This is due to unstructured data combined with a growth in the number of ways to communicate internally and externally.

1. Familiarise yourself with your company's IT rules

That includes all procedures and policies relating to information security, privacy and confidentiality. You can't fully protect yourself and your firm if you don't know what to do.

2. Be clear about your responsibilities

Know what data you are responsible for, what you are allowed to do with it and what you aren't. By knowing your responsibilities, you can take ownership of the data you handle.

3. Take extra care when taking data offsite

Only do this if it is absolutely essential; ensure that any data is encrypted or password-protected; and ensure that it's returned or deleted after use. Before sharing any data, it is important to encrypt it.

4. Only access or transfer data via secure networks

Accessing your company's network via unsecured networks, including public WiFi hotspots outside your office, will make you more vulnerable. Keep this in mind when accessing or sharing any data. 

5. Only share information on a 'need to know' basis

Avoid forwarding data to groups of people and take care typing email addresses to avoid sending data to the wrong recipient. Protecting the data you are responsible for is important, only distributing it to those who absolutely need access.

6. Understand and check document classifications

People in the same department or function may have different access rights, so check who is entitled to what and how documents are classified before sharing them. Use clear classifications such as Private, Confidential, and Public to grant privileges.

7. Follow the password rules

Use strong passwords and change them regularly; avoid sharing your password with anyone else, as your password may give others access to restricted information.

8. Only process work information via work devices

That means any information about your job, including emails, documents and instant messages. Avoid forwarding data to your personal email or smartphone or using personal devices and connections for printing etc.

9. Ask about protecting your firm's data

If you're unsure about how to protect your firm's data, ask how to go about it to ensure that you are taking all necessary steps to maximise cyber security. You can get more advice and support from the IT department or your manager if you need clarification.

10. Never conceal data losses or breaches

If you make a mistake, tell your manager or the IT department immediately so your firm can act quickly to limit its losses. There is nothing to be gained from hiding this information. 

Information Security Training Presentation

Want to learn more about Information Security?

To help you plan and execute compliance in your organisation, we have created a comprehensive GDPR roadmap.

Our best-selling Compliance Essentials Library and award-winning LMS provide a one-stop compliance training solution, including information security e-learning.

And our searchable compliance glossaries explain key terms and regularly report on learnings from the largest compliance fines resulting from regulatory breaches.

We also have 80+ free compliance training aids, including assessments, best practice guides, checklists, desk aids, eBooks, games, posters, training presentations and even e-learning modules!

If you'd like to stay up to date with information security best practices, industry insights and key trends across regulatory compliance, digital learning, EdTech and RegTech news, subscribe to the Skillcast Compliance Bulletin.

Last but not least, you can interact in person with thought leaders and your peers at one of our popular live webinars and face-to-face events.

If you've any questions or concerns about compliance or e-learning, please get in touch.

We're happy to help!

Compliance Essentials

Compliance Essentials Library is our best-selling comprehensive corporate training solution.

100+ e-learning and microlearning courses that help companies from SMEs to multinationals achieve compliance success.

Start a Free Trial

cta-banner-placeholder