Three ways to protect yourself from a data breach following GDPR
Since the introduction of GDPR earlier in the year, a data breach now encompasses any breach of security that leads to the destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. Under the protocols now in place, an organisation has a 72-hour time limit in which to disclose a breach to the Information Commissioner’s Office (ICO) if it is likely to result in a risk to the rights and freedoms of individuals. If a breach is high risk, the individuals affected must be notified directly, and the breach must be reported within the time limit.
Did you know that failing to report a breach can result in a substantial fine for an organisation of 4% of its global annual turnover?! To avoid this, the key is accountability: ensure that any incidents or trends are logged effectively so that processes can be put in place for further prevention.
Three things you can do to protect yourself from data breaches:
One way to make your website more secure is to implement HTTPS by obtaining an SSL (Secure Sockets Layer) certificate, which provides secure and encrypted communications between a website and an internet browser. The SSL certificate enables an encrypted connection when a web browser contacts a secured website. It is essential to encrypt data that is submitted through enquiry and data entry forms on your website, and implementing HTTPS establishes ‘encryption in transit’.
As of October 2017, Google Chrome displays non-HTTPS pages (plain HTTP) as ‘Non Secure’ in the address bar, which can influence how visitors use your page, increase bounce rates and potentially affect the performance of your business.
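As an added illustration of the point about enquiry and data entry forms (this is not code from the original article), the following Python sketch audits a page's HTML and lists every form whose data would be sent over plain HTTP. The function name `insecure_forms`, the sample markup and the example.com URLs are assumptions constructed for this example.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class FormAudit(HTMLParser):
    """Collect every <form> and the absolute URL its data would be sent to."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.forms = []

    def handle_starttag(self, tag, attrs):
        if tag != "form":
            return
        a = dict(attrs)
        # A missing or empty action submits back to the page's own URL,
        # and a relative action inherits the scheme of the page.
        target = urljoin(self.page_url, a.get("action") or "")
        name = a.get("id") or a.get("name") or "(unnamed)"
        self.forms.append((name, target))


def insecure_forms(page_url, html):
    """Return (form name, target URL) for forms that submit without HTTPS."""
    audit = FormAudit(page_url)
    audit.feed(html)
    return [(name, target) for name, target in audit.forms
            if urlsplit(target).scheme != "https"]


# Constructed sample page (not taken from any real site).
SAMPLE_HTML = """
<form id="enquiry" action="/contact/send" method="post"></form>
<form id="newsletter" action="http://forms.example.com/subscribe" method="post"></form>
<form id="login" action="https://www.example.com/admin/login" method="post"></form>
<form id="search"></form>
"""

if __name__ == "__main__":
    for url in ("https://www.example.com/contact", "http://www.example.com/contact"):
        print(url)
        for name, target in insecure_forms(url, SAMPLE_HTML):
            print(f"  form '{name}' submits over plain HTTP to {target}")
```

Serving the page itself over HTTPS is not enough on its own: the constructed `newsletter` form is still flagged on the HTTPS page because its action points at an `http://` address.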
Secure your admin page
Securing your admin page is essential to avoiding data breaches, as admin pages are the most targeted and hacked pages in terms of website security. Using secure passphrases and storing them securely, or additionally using two-factor authentication, can improve your website security and minimise the potential risk of being breached.
Educating members of your organisation is one of the best security measures that can be implemented to prevent data breaches and avoid incurring any fines. It is an ongoing process that is constantly changing and adapting; it is not as simple as installing a piece of software onto a computer or having a back-up system. Did you know that over 90% of data breaches within businesses are caused by staff members?! This is why it is of the utmost importance that you educate your team on GDPR and data breach prevention!
If you would like to talk further on any of the topics above, please do not hesitate to get in touch with us using the links on our website.