Stay GDPR compliant at home

10 Ways To Stay GDPR Compliant When Working From Home

In 2020, the COVID-19 pandemic and resulting lockdown in the UK meant that working from home became more commonplace than ever before. Businesses had to be able to adapt to offer remote working in order to help stop the spread of the virus. As a result, keeping sensitive personal data safe became a priority on all devices being used by employees from their homes; not just in the office.

Managing remote teams and their data security to ensure personal data remains private and secure is critical in avoiding a data breach. With security threats becoming more sophisticated, and businesses having to adapt to changing work environments, it is arguably more important than ever to consider and take action on the security of information and personal data.

Here, we offer tips and advice on how employees can ensure their staff can protect information that they are responsible for at home;

1. Use work-provided devices

Use work-provided devices when possible. It is critical to maintain as much control as you can over any equipment that could be used that could present a cyber security risk for a business. Avoid storing any work information on personal devices unless authorised to do so.

2. Have screens that nobody else can overlook

Have screens that nobody else can overlook or use privacy screens to prevent information from being seen from anything other than a 60-degree viewing angle from the front. Computer privacy screens are designed to keep private and confidential information just that - private and confidential! Protect information and sensitive data from prying eyes.

3. Encrypt all sensitive data

Encrypt all sensitive data, both in transit and at rest, so that all data is illegible and useless if there is a breach. Businesses can encrypt hard drives of devices or use third party software. VPNs should also be used to establish secure connections and communications between employees in their homes and the company’s IT computer network. Multi-factor authentication also works to strengthen the stronghold over remote security.

4. Regularly back up your data

Regularly back up your data, so that in the event of issues with viruses, or any other occurrence where information is deleted, data can be restored to what it was before the event. Protect from even the smallest data breaches. Data loss can happen to anyone. BY backing up data, you can ensure that copies of important documents are stored somewhere else in case something happens to the original copy.

5. Make passwords complex and ensure all documents are password protected

Ensure passwords are complex and all documents are password protected. Protect data from unauthorised access by using passwords to keep content safe and secure. Use a password management tool to store encrypted passwords online.

6. Control access

Control access so that employees only have access to the data they need, nothing more. This is a key element to data security; restrict access to unauthorised staff and ensure authentication as a method of verifying the identity of someone accessing your data.

7. Update your cybersecurity policy

Update your cybersecurity policy to reflect the working from home practices and considerations and have a data breach plan in place. Ensure it is regularly updated. Take into account the fact that staff are working from home and the effect that this may have on the IT systems. The plan should outline the processes that staff should take if there is a breach of data, that includes who to contact.

8. Ensure all confidential documentation can be stored securely

Where documents can be printed from employees’ homes, ensure all confidential documentation can be stored securely and shredded when no longer used.

9. Install and update antivirus and malware protection

Make sure all employees install and update antivirus and malware protection on all personal devices being used for work purposes.

10. Train your employees

Train your employees and limit the risk of human error. Use your data protection officer to train your remote staff on the processes they should implement on a daily basis.

Be proactive with your security, especially with staff working from home. Don’t wait until you have to deal with a breach. Have measures in place to stop one ever occurring.

Need help managing your data protection challenges?

If you have experienced a data breach and require immediate expert advice to assess the severity of the breach and determine whether or not you need to report it to the ICO, as well as help with recording the appropriate information and communicating with affected parties, we can help.

Rapid Response

Take a look inside

Take a quick look around the inside of the Databasix Essentials GDPR Toolbox.

Find out more

 

Latest News & Events

ICO Data Protection Registration Fee: How Much and Who Needs to Pay?

If you’re a company director or small business owner, you may have been surprised recently by a letter from the Information Commissioner’s Office (ICO), requiring you to pay an annual ‘data protection registration fee’.

You may have wondered if the fee request was genuine. Could it be a scam? Do you have to pay? Does the data protection registration fee signal another needless layer of bureaucracy? And what are the consequences if you ignore the letter?

Read more

Register for News from Databasix

* indicates required



Contact Databasix

Email info@dbxuk.com
Tel 01235 838507

Databasix UK Ltd
is a registered company in England & Wales
Registration No. 08771007

Harwell Innovation Centre
Building 173
Curie Avenue
Harwell Oxford
Didcot
Oxfordshire
OX11 0QG