Too Small For Encryption? 

Encryption is something you will no doubt use on a daily basis already, from online banking to shopping on amazon. But encryption in your workplace may be something you haven't considered. 

With the new GDPR regulations coming into affect as of May 2018, it is essential to consider your data security within your business. Encryption is one of the essentials to consider.  

Online Threat

Ensuring your data is protected and secure when online is the first step when looking at your IT systems. You may access your data stored in the cloud or on your office server when out of the office, you may share sensitive information between clients, suppliers or partners. Below are some basic areas to consider. 

1. If you are sharing sensitive information via email it is important to make sure that the information gets to the intended recipient. Commonly the biggest problem is human error, i am sure you have all sent an email to the wrong person and had to frantically withdraw the email or make apologies. Email encryption offers a secure way of sending sensitive information and attachments to ensure it gets to the correct person securely. 
2. If you have a server in your office and access it remotely, for email or accessing files it is essential to ensure that your communication is secure and encrypted. Not all VPN or remote access is secure, with older technologies still being widely used it is important to check and make sure you are using moden standards.
3. The cloud is a great option to ensure you are meeting security requirements and overcoming alot of the hurdles mentioned above. Most cloud products will provide a level of encryption that meets industry best practices, cloud services are also mostly up to speed with the new GDPR regulations. 

Physical Threat

A growing concern with security for the modern business is the physical threat of data. It is now very common for staff to work out of the office, at home, or whilst travelling. This poses an increased danger for data, a data breach can be manifested either from theft or from human error, where laptops are left behind when in meetings or on trains. In most circumstances the damage is not from the loss of the property but the data stored on the device itself.

1. Ensuring your laptops are encrypted will protect your data if your laptop gets into the wrong hands. Windows offers a free Encryption option on certain versions of windows. Alternatively we can offer a more advanced product that will allow for central management of all your devices. 
2. Data stored on USB memory sticks or external hard drives are also a risk, more commonly these devices are lost because of their small size. Data on these devices can be encrypted using software, there is also a new range of memory sticks that offer encryption built in to the hardware.
3. Mobile devices can be secured with both Encryption and mobile device management. There are several options available that can provide you with different levels of protection. offering device encryption and the ability to remotely wipe and lock device if lost or stolen. 

Business Processes

The most important change can be from user awareness and training. Ensuring your staff are aware of the rules and processes, to make sure they are helping to keep your data secure is paramount. 

1. Providing staff with training on the basics of data security when using company IT systems 
2. Setting procedures for staff to follow if a potential data breach has occurred, this ensures that measures are taken as quickly as possible to protect data.
3. Looking at the use of (BYOD) staff using their own devices such as phones or laptops to access company data. This is very common now a days , however the risks are not always considered. 
4. If not already in use implementing a strong password policy, and 2 factor authentication when using systems you access and use.

The above points are basic suggestions on ways to protect your data, for a more in depth analysis of your security we can offer security audits and reports to highlight areas that you may be falling behind on. We provide regular security assessments and guidance as part of our Manged IT Services to customers. 

For more information of help with your IT security and Encryption please get in contact with our team.