The visitor list at reception, a USB stick left lying around with customer files, an e-mail containing personal data: Employees aren’t often aware that they have caused a data leak. You can prevent this by automating data protection, explain Richard Snoeks and Joost van Lochem, Business Solution Consultants at Bechtle.
Data protection regulations have been protecting our personal information for many years. This kind of data (anything you wouldn’t find in a phone book) can’t just be collected for any reason—there have to be very good grounds. Moreover, the GDPR makes all EU-based companies responsible for protecting the personal data they process.
Business can be fined if they haven’t taken sufficient steps to prevent a data leak,” explains Joost van Lochem. “It is expected that these fines will increase when the law comes into force on 25 May 2018, which is why our customers are looking for IT security solutions to help them avoid data leaks.
The first towards preventing a leak is having an overview. Joost van Lochem: “Find out which personal data you have and how you use it. If necessary, contact a legal advisor who will be able to offer support.” Richard Snoeks continues: “Step two is to make sure that you have control over the technology and the processes. This way, you know who has access to your network and which permissions have been assigned and you have an insight into what is happening in your network.”
Joost van Lochem: “A data leak is mostly unconsciously caused by human error, but when data protection is automated, this can be eliminated. One of the security solutions available is a data management system with which you can define how specific data should be treated. An example is the automatic detection and protection of employee CVs or customer files. As soon as this has been defined in the data management system, the files can never accidentally be sent outside of the company.
This system also enables the collection of personal data to be limited. Think about customer data such as their home address and date of birth that is entered by someone in sales into CRM. A data management system can automatically locate and delete this data.”
There are a range of other solutions to boost enterprise IT security Joost van Lochem: “From multi-factor authentication and data encryption to receiving automatically anonymised e-mails to name just a few examples.
The type of company determines which solution is the best because personal data collected in accordance with the GDPR differ from industry to industry. Data protection policies within organisations also vary, but what’s important is to take a holistic view of IT security and that the solution fits your business’s needs.”
T +31 40 250 9010
T +31 40 250 9010