IT and Communications
Solutions for Business
023 9379 0001
Alternatively you CAN email us here

Uncategorized
GDPR and Your IT: You Can Cope With the Challenge

02 May
2018

GDPR and Your IT: You Can Cope With the Challenge

Author: GTI Computers
Comments: 0
No tags here

The closer to the day X when General Data Protection Regulation (GDPR) coming into force – 25th of May – the more hype we all spectate around.
As we receive many questions from our customers and the next door companies, we have conducted a short networking meeting with local Portsmouth businesses to share and discuss our ideas of how they can prepare for the big challenge.

“Better to do something than nothing,” stated David Grenfell, managing director of GTI Computers at the beginning of his presentation. The speech has covered a single, but very complex and vital aspect of GDPR – personal (and any other) data protection and cybersecurity. There is a ton of changes every company should design, prepare and implement.

Devid Grenfell, MD of GTI Computers

There are three main points of attention regarding data protection:

>> access to data;
>> data security;
>> data on the move (portable devices).

What IT tools and methods any business should have in their hands?

Here is the list of basic, yet must-have, IT tools. They are widely available for and affordable by micro, small and medium businesses.

Windows Security
This tool restricts access to particular information and resources to whom it necessary within a company. As a result, security risk caused by a human factor could be reduced substantially.

Anti Virus
Remember, that viruses could not only corrupt data and systems; viruses can steal data or lock it (by ransomware). Anti-malware products keep this potential headake away from users (ESET / Malware Bytes).

Email SPAM filtering
Email is one of the most common security threats channels. Anti-SPAM not only reduces the amount of junk in your inbox (means save your time) but also checks emails for viruses and other malicious software. Hosted services are economical and the likelihood of being compromised.

Two (of Multi-) Factor Authentication aka 2FA or (MFA)
A method of confirming a user has claimed identity by utilising a combination of two (or more) different factors:

  1. something they know;
  2. something they have; or
  3. something they are.

The method is widely in use nowadays as it showing the high level of access protection. Plenty solutions on the market that won’t break the bank.  MFA/2FA applications are available from many security vendors, for instance, ESET.

Encryption
Encryption is a process of encoding a message or information (data) in such a way that only authorised parties can access it. When you move data – on a laptop/tablet/smart-phone/USB storage device – it is wise to encrypt it as it is at risk during transportation. In the unfortunate case of losing the device, you will be happy to know that the precious data on it will not come to unwanted hands.

Since Vista time Windows includes BitLocker, yet other products widely available.

Virtual Private Network aka VPN
A network constructed by using public lines (the Internet) to connect remote computers and servers uses encryption and other security mechanisms to ensure that only authorised users can access the network and the data it holds. If you make use of an external data resource – a head office or a central server – consider the implementation of VPN.

Network Attached Storage devices aka NAS
Many micro and small companies have a significant amount of data spread over a number of machines which makes control difficult. Data stored in centralised location (not on someone’s PC) make it possible to manage access restrictions and secure it.

Adding NAS device to a local network put a company data and information under control and in order which is one of the GDPR requirements.

Summing up:

>> GDPR concerns every organisation (whatever size or turnover);
>> Every company should define how to deal with personal data (and create tones of GDPR related processes and documentation. On the Information Commissioner’s Office website you can find a lot of information about);
>> And not forgetting to implement changes (remember about IT tools too).

Devid Grenfell, MD of GTI Computers

NO comments yet