But don’t panic. There’s still time to take a look at your data practices. GDPR is too big a topic to compress into this entry, but here’s a brief list of the areas you need to consider:
- Where does our customer data come from?
- Are our customers aware that we hold this data?
- Who has access to it?
- How/when do we process it?
- How do we secure it?
- How/when do we delete it?
- How do we enforce/monitor all the above?
- Who is responsible for enforcing/monitoring all the above?
Most of these issues are to do with the practices and processes of your individual business but of particular interest to us, here at Aflex HQ, is “how do we secure it”.
With the tools at our disposal, we can provide you (or your information officer*) with monthly reports showing any and all vulnerabilities in your network, devices and user setups. It could just mean switching on that computer in the corner that hasn’t been used for 3 weeks in order for it to collect the latest patches. Or it could mean that temporary external access for a third party supplier to a particular computer needs to be rescinded. Or it could mean that a user has a rule setup to forward email to an external account. In any case, you can be confident in an up-to-date and regular network security report.
Contact us today to discuss how our anti-virus, patch management and network scanning tools can assist you in implementing your GDPR policy.
* As part of GDPR larger companies are required to appoint an information officer.