SMEs

Don’t assume it’s only ‘big business’ that hackers are interested in. A government report “Small businesses: what you need to know about cyber security” pointed out that 60% of small businesses have experienced a breach of data security of some degree.

So, we strongly suggest that you take on board the following ‘top tips’. 

KNOW WHAT DATA YOU ARE COLLECTING AND UNDERSTAND THAT CERTAIN PRIVACY OBLIGATIONS MAY APPLY. 

You will need to know who you are collecting personal data from, how you are using it, with whom you are sharing it, where you are storing it, how long you are retaining it, and how you are disposing of it.

BE TRANSPARENT ABOUT YOUR DATA COLLECTION, USE, AND SHARING ACTIVITIES AND BE ACCOUNTABLE.

You might be tempted not to disclose your data collection, use, and sharing activities at first. Or, you might be tempted to do the opposite and make certain promises that may not be able to keep later on. Remember, your transparency and accountability will go a long way towards building your data relationships and fostering trust with your customers and other organisations that you do (or want to do) business with.

 TRAIN YOUR STAFF

A ridiculously high number of successful security incidents is reportedly caused by human error. While there is nothing that you can do to influence malicious hackers, you can train your workforce on their role in privacy and security, to help them avoid committing these errors.

MAKE SURE YOU CAN RELY ON YOUR CONTRACTORS

 Make sure that you continue to protect personal information as you hand it over to third parties during the course of doing business.

Many small businesses outsource some or all of their IT requirements to a third party. You should be satisfied that they are treating your data with at least the same level of security as you would.

KEEP YOUR IT EQUIPMENT SAFE AND SECURE

You need to recognise that your IT equipment may be at risk and take appropriate technical measures to secure it.

The physical security of equipment is important to consider as devices containing personal data could be stolen in a break-in or lost whilst away from your office.

Processing data in the cloud represents a risk because the personal data for which you are responsible will be processed in systems managed by your cloud provider. Make sure you know what data is being stored in the cloud.

GET A DATA PROTECTION POLICY

A good policy will enable you to make sure you address the risks above in a consistent manner.

Call now on 033 0088 2256