What if you were fined $25 million or 4% of your company’s annual revenue? It’s possible under the new EU General Data Protection Regulation (GDPR), which applies to any company collecting personally identifiable information on EU citizens. Regardless of where they are based, organisations need to pay attention to their data collection, storage, and transfer, especially if they sell to or employ EU citizens.
Beyond regulation, public pressure makes information security the most important aspect of a company’s digital strategy. Many systems are not ready for a potential cyber attack, as evidenced by security breaches in 2017 headlines. It is time to stop blindly trusting that online data sharing applications or in-house data management is risk-free. Examine your company’s solution to see that it encompasses all of our Five Levels of Security:
When you transfer data (files, images, etc.) via email or an online application, you need to know that the only people who can access it are the ones you intend. The best way to keep your information from being intercepted or copied is to only use a system that encrypts your data. Without encryption during transmission, your data is at risk.
Have you ever filtered your water and seen all of the impurities kept out of your glass? System security acts similarly. Ensure options—like advanced firewalls—are in place to keep your system safe.
Protect your data when it is simply being stored. Called “encryption at rest,” this strategy makes sure data is secure whether you are watching it or not. Pay particular attention to keeping data protected from publicly-accessible networks.
Secure data starts with secure applications. Review each of these five levels with any software or cloud provider you consider. How do they stack up against one another? Choose only the most secure for your sensitive data. One application we know offers security at more than seven levels including user, project, document, function, group, field and entity-level verifications.
Secure applications do little good if systems or servers are not stored in controlled access space. Do not neglect your building features (or those of your cloud provider) including state-of the-art, non-water fire suppression and raised floors, as well as a protected power grid and redundant electrical and internet. No intruder or weather emergency should cause you to lose everything.
Whether you are worried about the coming GDPR, trying to avoid a data breach scandal, or want to make sure your company’s proprietary information stays protected, discuss these five levels of security with your IT team and any application or service providers. You’re sure to find areas for improvement that will help!