Data Breach Prevention

How do I prevent a data breach?Companies must ensure that data is adequately protected to prevent loss or theft. Where a breach has taken place, companies may need to notify individuals as well as face negative impact on the company’s brand and customer loyalty. Under the General Data Protection Regulation, companies may face fines of up to €20 million or 4% of annual turnover.

It is possible to minimise the risk of data breaches by following a number of best practices:

Up-to-date Security Software

Ensure software is updated and patched regularly to avoid weak spots for hackers to exploit.

Regular Risk Assessments

Carry out vulnerability assessments to review and address any changes or new risks in data protection. Consider all aspects, such as data storage and remote access for employees, and ensure that policies and procedures are adequate.

Encryption and data backup

Personal data should at least be encrypted, including on work laptops issued to staff. Instead of using backup tapes that can be lost or stolen, data can be backed up to remote services using the Internet.

Staff training and awareness

Train staff to follow best practices, be aware of the importance of data security and how to avoid mistakes that could lead to breaches. Awareness of sensitive data and security should be a part of the company’s culture.

Ensure vendors and partners maintain high data protection standards

When working with other companies that may be handling your customers’ data, make sure they also have adequate systems in place to protect data.

Third party Data Security Evaluations

Having a third party carry out a risk evaluation allows an objective and outside view of the current breach risks. A Data Security expert can advise on the best solutions specific to each company to reduce the risk of breach. This also demonstrates a serious intention to ensure data protection.

show all data breach penalties

Data Breach Penalties

Thought of the Day: Fined for appointing a Data Protection Officer? 0

The General Data Protection Regulation will require many organisations to appoint a Data Protection Officer (DPO). But, you must remember that there are specific requirements for who is appointed as

Read More

Thought of the Day: What would a £400,000 fine be under the GDPR? 0

Carphone Warehouse has been fined £400,000 following a cyber attack in 2015. Hackers were able to access the personal data

How big or small will the first GDPR fine be? 0

One of the biggest points to note about the General Data Protection Regulation is the potential of massive fines. It

British firms face £122bn in fines under GDPR regime 1

Hot on the heels of the warning that TalkTalk would have faced a £70m fine had its 2015 data breach

D-Day for GDPR is 25 May 2018 0

The European Parliament’s official publication of the General Data Protection Regulation means it will become enforceable on 25 May 2018

A Cheat Sheet for the General Data Protection Regulation 12

We all know it’s coming, we just don’t know precisely what “it” is yet. The General Data Protection Regulation (“GDPR”)

European Council approves EU General Data Protection Regulation Draft; final approval may come by end of 2015 0

Today the European Council approved its version of the General Data Protection Regulation (GDPR). The next stage is for the

show all data breach penalties