Physical Data Security for GDPR Compliance

More than 50 per cent of organisations do not use a physical lock to protect their IT equipment, according to the Kensington IT Security & Laptop Theft Survey.

The General Data Protection Regulation (GDPR) states that practical steps must be taken to secure sensitive data. The Information Commissioner’s Office (ICO) recorded nearly 700 data security incidents between April and June 2017, of which 3.5 per cent resulted from data being kept in an insecure location, or theft of the only copy of encrypted data.

In the finance sector 256 per cent of reported data breaches are down to lost or stolen devices.

A physical security plan is vital to protect data. The devices on which data is stored need to be safeguarded, and the plan must extend to remote workers. In-roads to data breaches can come from anywhere in the organisation. Devices such as laptops, personal computers, tablets, portable drives and smartphones must all be protected. Also bear in mind that your insurance provider will have particular requirements when it comes to physical security measures. These must be adhered to if your cover is to remain valid.

The following measures should prove helpful in securing your data in a physical sense:

Portable Device Lockdown

Ensure all portable devices are stored in an insurance graded safe when not in use. Set a lock-away policy for staff leaving their desks, even if it’s just to attend a meeting or take a break. Never leave portable devices in a vehicle. Invest in a custom designed lockable laptop case to keep your devices safe when you’re on the move. It also stands to reason that the utmost care should be taken when travelling on public transport with portable devices.

Office Lockdown

Regardless of whether your office is located within your home, or in commercial premises, it is crucial that it is securely locked when you are not in it. Ensure you use British Standards approved locks and that these are professionally fitted. If you don’t, you may be in breach of insurance requirements. Door bars, grilles and shutters add another layer of security where workspace is particularly vulnerable, such as offices on ground floors.

Record and Monitor

CCTV monitoring doesn’t only provide vital evidence in the event of a break-in, it also acts as a deterrent AND, when combined with motion detection, prompts alerts to be sent to a smartphone or tablet. Real time images of what’s going on in your business premises will help you take the appropriate action to protect what is valuable.

Control and Deter

Security lighting deters intruders by literally putting them in the spotlight, whilst access control allows you to manage precisely who enters your premises. Even if you work from home, you can see who is at your door before opening it using a smart doorbell. On a larger scale, you can control access to your premises via codes, fobs and swipe cards or even biometric entry via the likes of fingerprints or iris recognition.

Always Take Specialist Advice

Not sure what security measures to put in place? Always talk to an experienced, accredited security expert before you make any investments. Tailored advice will make all the difference.

Regular Bulletins

Sign up to our regular Office Assistants newsletter and get special offers and discounts.

Sign up

Investors in PeopleThe Institute of Certified Bookkeepers

Company's Practice Number: 4635

This website uses cookies as outlined in the cookies policy