GDPR is fast approaching - How far have you got?
As you are all by now aware, GDPR is to become enforceable on the 25th May of this year.
This affects everyone without exception and you should be well on the way to compliance.
We have been working hard to get our systems GDPR compliant and to ensure that our own internal network is secure as well as the networks that we use and recommend to you, our customers.
In order to do this, we have prepared testing methods and security reports that can test not only your network's security but also potential vulnerabilities in the local PCs and laptops. They will check the routers and firewalls to make sure that there are no dangers there and we will then be able to use the report as the basis for any remedial work that may be required.
With regard to Cyber Security, there are 5 key tasks that need to be undertaken.
Firewall – Protect your internet connection with a firewall. Keep it updated and ensure that it is secure
Ensure that your devices all have the most secure settings and are up to date
Control who has access to the data – review rights to files and folders and understand the concept of “least privilege”
Protect yourself from viruses and other malware
Keep all devices and software up to date.
These are all tasks that we already help our customers with and for many we manage them on an ongoing basis.
However, there are often many different people involved in the IT within a Company – there are often bespoke software companies involved, internal IT people and additional service providers. It is therefore important to use this time to challenge the security of the systems in place and to use the reports to enhance the systems and protect your data.
Once this has been done we can help you gain certification in the Cyber Essentials program.
In addition, there is the paperwork side of GDPR. New policies may need to be written and distributed to staff. Additional training will be required – albeit most of this is self-learning.
Data Protection – Including Data Processor Agreement
IT usage Policy – To govern applications such as Facebook and Google
IT Service Agreement
So, where can I get help and what should I do first?
Well, the quick answer is to start to read up on GDPR and gain an understanding of its principal purpose – to protect personal data. Work out who will be best placed to be the designated Data Controller and who your data processors are – internally and externally. Document everything that you are doing and have done to start on the compliance route, including all seminars attended and documents that you have read.
Ask questions. We can help you on the road to compliance and we can also point you in the direction of our partners that we have used to help us on our journey to compliance.
For Everything IT, come to us and we can prepare System Security Reports, Vulnerability Reports, Systems Audits.
We have invested in software that is linked to our Remote Management tools in order to help our customers with this process. From as little as £100.00 plus VAT we can run the audits and prepare the reports and then work with you to perform any remedial work – working with all specialist software companies that you may use where 'user rights' to the programs may be affected.
This is not going to go away and is certainly not a topic to bury your head in the sand over or ignore, so pick up the phone or write us an email and let us help you in the process. We will endeavour to help make your journey as painless as possible.