According to a report by Computer Weekly, the Information Commissioner's Office (ICO) has dealt with more data breach reports and issued more fines in the past year than ever before.
Half of all information security breaches are due to human error, more often than not, by people not understanding the policy.
With tough penalties of up to €50m under the GDPR, there has never been a bigger incentive to get data security right.
We have 10 simple tips that will help to improve your data security.
1. Familiarise yourself with your company's IT rules
That includes all procedures and policies relating to information security, privacy and confidentiality. You can't fully protect yourself and your firm if you don't know what to do.
2.Be clear about your responsibilities
Know what data you are responsible for, what you are allowed to do with it and what you aren't.
3. Take extra care when taking data offsite
Only do this if it is absolutely essential; make sure that any data is encrypted or password-protected; and ensure that it's returned or deleted after use.
4. Only use secure networks to access or transfer data
Accessing your company's network via unsecured networks, including public WiFi hotspots outside of your office will make you more vulnerable.
5. Only share information on a 'need to know' basis
Avoid forwarding data to groups of people and take care typing email addresses to avoid sending data to the wrong recipient.
6. Understand and check document classifications
Even people in the same department or function may have different access rights so check who is entitled to what and how documents are classified before sharing them. Use clear classifications such as Private, Confidential, Public and use these to grant privileges.
7. Follow the password rules
Use strong passwords and change them regularly; avoid sharing your password with anyone else as your password may give others access to restricted information.
8. Only use work devices to process work information
That means any information relating to your job, including emails, documents and instant messages. Avoid forwarding data to your personal email or smartphone or using personal devices and connections for printing etc.
9. If you're not sure how to protect your firm's data, ask
You can get more advice and support from the IT department or your manager.
10. Never conceal data losses or breaches
If you make a mistake, tell your manager or IT department immediately so your firm can act quickly to limit their losses.
Learn more about Information Security & Compliance
If you'd like to stay up to date with information security best practices, industry insights and key trends across regulatory compliance, digital learning, EdTech and RegTech news subscribe to Skillcast Compliance Bulletin.
To help you navigate the compliance landscape we have collated searchable glossaries of key terms and definitions across complex topics including GDPR, Equality, Financial Crime and SMCR. We also regularly report key learnings from recent GDPR fines.
You can follow our ongoing YouGov research into compliance issues, attitudes and risk perceptions in the UK workplace through our Compliance Insights blogs.
And if you're looking for a compliance training solution, why not visit our Compliance Essentials Course Library.
Last but not least, we have 60+ free compliance training aids, including assessments, best practice guides, checklists, desk-aids, eBooks, games, handouts, posters, training presentations and even e-learning modules!
If you've any questions or concerns about compliance or e-learning, please get in touch.
We are happy to help!