Telecoms security and GDPR
GDPR is changing the way you communicate with people. It is changing how you manage the personal data you have about these people. The legislation changed 18 months ago and you have until May 25th 2018 to be able to demonstrate you are compliant.
It is not our role to tell you of how to manage your data, but we can help with one of the key aspects of the GDPR regulations: security.
Data breaches and data loss can have a huge impact on your business. Let’s forget about the fines for a moment; the reputational damage can be huge. If people don’t think you are securing their data properly, they aren’t going to trust you with it.
Your telecoms solutions can have a big impact, so let’s look at the areas you need to consider as part of your GDPR planning and implementation.
Your internet connection
1. Unencrypted WiFi can easily be hacked, exposing your data. Whether that is your office WiFi (including guest access) or other WiFi connections your staff use, there is a risk.
2. If your internet connection is slow for your staff, you risk them using Shadow IT for their needs
Your Mobile phones
3. If you have a BYOD policy for mobile phones, do you let your staff get their work emails via their phones? That personal data will be outside of your control and therefore a risk.
4. Are people allowed to charge their phones by plugging them into their PCs and laptops? If the phone has a virus or malware, that can easily get onto the laptop and then, potentially, on to your network.
5. Can you wipe all data from a company mobile if it is lost? 90 mobile phones a day are left on the Tube network alone!
6. How are the devices locked? Simple PIN numbers can be bypassed or guessed relatively easily (your birthday? Your partner?)
Your desk phones
7. Do you allow people to programme numbers into their desk phones? If a Right To Erasure claim comes into your business, how will you know what devices that person’s details are on?
8. If you haven’t got QoS on your internet connection to ensure good quality voice calls, your staff may start using other solutions. Skype, WhatsApp and IM solutions can quickly and easily be set up and you have absolutely no control over how they are used and what personal data is being sent over them.
If you want more information on how your use of telecoms can impact your ability to meet your GDPR needs, please give us a call on 08000 92 62 32.