You have to protect your data both at work and at home. It might be compromised not so much because of technical faults, but users themselves. According to the “Security Trends 2015” report, as much as 81% end users do not follow security procedures. Deloitte reports that as many as 58% respondents fell victim to what they considered misuse of their personal data.
Major IT risks that might lead to businesses losing their data, including personal data, are computer system breach, piracy, internet espionage, or system sabotage. In order to choose the right security measures, you need to specify the system, resource volume, and data sensitivity level. The next stage is selecting authorisation levels.
The key is your login and password, which you shouldn’t share with anyone. Business emails should be encrypted, and the files should be backed up once work has been finished. We should only disclose business information outside work. It’s also good practice put tape over you webcam and not use your private email or non-verified storage devices. It’s also recommended to keep your monitor at an angle preventing others from seeing files you’ve opened on your computer.
Employees should pay particular attention to document workflow at their company. You should never leave documents in a printer or a photocopier unattended, or on your desk after you finish work. All documents with personal data should be destroyed in a shredder, not thrown out to a bin. Protecting personal data in an organisation is not only about sharing just the information necessary to complete a job, e.g. you shouldn’t provide explanation of an absence on an absence list.
Taking care of personal data security applies to all personnel, regardless of their position within an organisation. Some organisations have already introduced standard contractual clauses on data protection. You can also request your employer to provide personal data protection training for our position.