14 Nov

8 things you can do to prevent data breaches

46% of all UK businesses have identified at least one cyber security breach or attack, according to a 2017 UK Government survey, and it’s not just large businesses being targeted. In 2016, a nursing home in Northern Ireland was fined £15,000 after an unencrypted laptop containing patients’ details was taken home by an employee and stolen in a burglary.

A data breach is a security incident in which sensitive, confidential or otherwise protected data is lost, destroyed, corrupted or disclosed by an individual unauthorised to do so. Although criminals cause the majority of data breaches, it is important to understand that data breaches are also caused by individuals in everyday life due to lack of training, inadequate processes and carelessness.

Top tips to protect your business against data breaches:

1. Make everyone accountable

It’s essential for everyone to understand that data security is a shared responsibility across every function and level of an organisation, not just the duty of the IT department. From day one, ensure that you establish clear lines of responsibility with your employees.

2. Educate

Ensure that teams understand how data can be breached and how to avoid it, and that they stay attentive when carrying out daily tasks: not rushing emails and not misusing the “bcc” function. Gloucestershire Police were recently fined £80,000 for accidentally revealing the identity of child abuse victims in a bulk email.

3. Audit

Organisations that collect large volumes of data over time are at greater risk of a major breach. Last year, 57 million Uber customers and drivers had their personal data stolen, which shows the sheer volume of information stored by global companies. Evaluate and reduce the amount of sensitive information held, encrypt inactive data and make sure your retention policies are adhered to.

4. Refresh and update

Upgrading your technology and ensuring that all the necessary antivirus and anti-malware software is installed will maximise the security of sensitive information. The British and Foreign Bible Society were recently fined £100,000 for having an insufficiently secured network that enabled the personal data of 400,000 supporters to be stolen.

5. Manage

Have you checked that old or unused laptops and mobile devices do not hold personal or sensitive data? In 2006, 25% of data breaches were due to stolen mobile phones, well above breaches caused by hacking and unintended disclosure. Dispose of old devices properly and ask third-party suppliers if they have a procedure in place for erasing personal data.

6. Protect

Where possible, use encryption to protect sensitive information. In the event of a data breach, encryption makes customer data unreadable and therefore useless. 465,000 customers had their personal information exposed by a cyberattack on JPMorgan Chase due to unencrypted temporary files.

7. Control

Ensuring passwords are complex and frequently changed will significantly reduce the chances of credentials being compromised. According to Verizon, 81% of hacking-related breaches used stolen or weak passwords to take data.

8. Change behaviour

Encourage employees to be extra vigilant when using data storage devices, ensuring that they are protected and not left lying around. Heathrow Airport were recently fined £120,000 after a USB stick belonging to a Heathrow employee, which wasn’t encrypted or password protected, was found.

Reporting data breaches

GDPR has introduced compulsory reporting if there is likely to be a risk to people’s rights which cannot be mitigated. Such a breach has to be reported to the ICO within 72 hours. As well as reporting the breach, you must make efforts to contain it and minimise any effects. It’s important to make sure you have a good procedure in place to deal with a potential breach quickly and efficiently.

How can we help?

iCaaS – Our bespoke compliance tool will provide you with all the policies, procedures and tools you need to tackle these 8 points and many more.

Support – Our team of certified GDPR practitioners will guide you through a data breach and assist you with reporting to the ICO or your customers.

Virtual Data Protection Officer – Your vDPO will guide you through the GDPR, including preparing for and dealing with a data breach, with a programme bespoke to you.

Training – To get all your staff ready for a breach or other personal data incident, we offer training solutions, either classroom-based or online.

To speak with a member of our team, simply email megan.kane@datasupportagency.com or call 0345 646 0066.
