
Become GDPR Compliant Before They Issue You with a Heavy Fine

In recent months, as you’re almost certainly aware, both British Airways and Marriott Hotels have hit the headlines due to tremendous GDPR fines – £183 million for British Airways and £99.2 million for Marriott.

The penalties show that the General Data Protection Regulation has given enforcers like the UK’s Information Commissioner’s Office some considerable tools to work with. BA’s fine is almost 400 times larger than the ICO’s previous record fine – a paltry $645,000 penalty handed to Facebook for the Cambridge Analytica scandal.

With these new penalties now being enforced, we strongly suggest you make sure you’ve reduced your risk of being next in the firing line.

GDPR is centred on protecting European Union citizens, and it applies to anyone who holds personal data on an EU citizen, wherever they are located. Marriott, a U.S. organisation, is a prime case in point.

Here are five rules we advise all businesses to stick to in order to reduce the risk of a crippling GDPR fine:

  1. Update systems, patch frequently. Reduce the risk of a cyber-attack by fixing vulnerabilities that can be used to gain unauthorised entry to your systems. There is no perimeter, so everything matters: patch everything you can get hold of.
  2. Safeguard personal data that’s in the cloud. Treat the cloud like any other network you own – close unneeded ports and services, encrypt data and ensure you have proper access controls in place. And do it in all your environments, including QA and development.
  3. Limit access to confidential data. Reduce your exposure by collecting and retaining only the information you need, and by making sure the only people with access to it are the people who need it to do their jobs. Not everyone needs access.
  4. Educate your business. Ensure that everyone who might come into contact with personal data knows how they need to handle it – this is a GDPR obligation. Whether they work with computers or not, everyone requires training.
  5. Document and prove data protection actions. Be able to show that you have thought carefully about data protection and have taken sensible precautions to secure personally identifiable information.

Want to get the best solution for your business?

At Tristar Tech Solutions, we take a security-first approach to technology – ensuring our clients’ systems are best protected.

If you have any concerns or questions, or simply want to explore how to better secure your business, please do get in touch with the team for a FREE demonstration or a consultation to explore how exposed your business might be and identify actions to take.

To book a consultation or to arrange a further discussion, please get in touch.

If you’re looking for IT support in Hertfordshire or IT support in North London, contact us today, and a member of our team would be more than happy to advise you.