In light of GDPR, is your data really secure?

You’ve updated your privacy policy, cleaned your database, maybe even appointed a Data Protection Officer. Great. That’s your GDPR compliance taken care of then.

But is it?

The real thrust of the GDPR is not so much how you go about collecting personal data but how you look after it. In view of this, a revised privacy policy is not worth the paper it’s written on if you don’t keep your data secure.

So how secure is your data?

If your answer is, ‘I’m really not sure,’ don’t be ashamed. An enormous number of businesses store data on hard drives, email servers, phones etc without really knowing what’s housing what or whether or not they’re secure. And, even with an antivirus and firewall in place, in many cases they’re not.

The easy way to secure your data

The good news is that it’s very easy to secure data on all your devices, by using an encryption programme. Encryption protects your data by placing a secure ‘wrapper’ on the drive, making its data inaccessible to anyone who doesn’t have the login details.

We recommend that any machine that contains data and is taken beyond the security of the office should be encrypted. So laptops, tablets and phones are particularly important to encrypt. If you’re unfortunate enough to leave your laptop on the train or have it stolen, the information on the drive will remain secure if it’s encrypted. This is different to merely putting a password on an unencrypted computer. Without encryption, malicious users can simply bypass the password and access it.

Apple iPhones and iPads are encrypted by default once you set a password. You can follow the steps to encrypt your Android devices here.

For your computers, laptops, back-up drives etc, we recommend BitLocker, an encryption programme from Microsoft, which is included with Windows 10 Pro. With BitLocker loaded on your computer, you can encrypt the drives on all your devices, meaning that wherever you keep your data, it will be secure.

How to encrypt your data with BitLocker

If you have Windows 10 Pro you will already have BitLocker as a feature of the system. Those with moderate IT skills should be able to follow the install wizard to apply it as required. If you have Windows 10 Home, you’ll need to pay the £99.99 to upgrade to Pro.

AS WITH ANY STRUCTURAL CHANGE TO YOUR IT SYSTEMS, IT IS IMPORTANT TO MAKE SURE YOU HAVE AN UP-TO-DATE BACK-UP BEFORE YOU SET ABOUT ENCRYPTING YOUR DRIVES.

For encryption, your computer needs a Trusted Platform Module (TPM) chip. Many modern computers have this but if yours hasn’t got one installed, you can buy a mini USB for about £6, which you need to keep plugged in. Before encryption starts, BitLocker provides a recovery key to cover you in case you forget your password. Make sure you file this away somewhere safe.

Need help?

If all this sounds frighteningly technical, we can help with any aspect of encryption. That includes an audit of your systems to determine where and how your data is stored and make sure everything that needs to be encrypted is encrypted.

Upgrading from Windows 10 Home to Pro typically up to an hour and then the encryption itself can take anything from a few hours to a day, depending on the age and size of your drives. We will come in and set the encryption process running, then come in the next day to check that everything is encrypted and all your upgrades are working properly.

Working with encrypted devices

Once you have all your drives encrypted, you won’t have to do anything differently. There’s no need to enter login details for everything, you’ll be able to work and access your files as normal – with the one vital benefit of knowing that you really are GDPR compliant because your data is safe and sound.

For help securing your data, please call us on 01372 46 4321.

Posted in Tips for Business, Tips for Charities.