Encrypted USBs and GDPR
Many businesses are already feeling the growing pressure from the arrival of GDPR in May 2018, but what exactly is it and how can Encrypted USBs help to ensure your business is compliant with the new EU regulation?
What is GDPR?
GDPR stands for General Data Protection Regulation. It is a new regulation which seeks to replace the outdated Data Protection Directive which EU firms have adhered to since 1995.
It will bring in a host of new regulations that companies within the UK will need to abide by including...
- Appointing a Data Protection Officer/s (DPO) in large organisations to manage data and report potential data breaches to governing bodies.
- Establishing a cybersecurity programme which protects all sensitive data handled by an organisation.
- Improving the security of data processing standards to ensure data is not easily misplaced or misused.
- Documenting accountability- keeping up to date records of any data breaches that have occurred (even near misses) and report any breaches to as soon as possible.
- Understand consent - all companies must provide proof of consent in order to contact individuals beyond the original transaction.
What will happen if I don't comply with GDPR?
The official guidelines state that companies can be fined up to 2% of their annual turnover or €20 million whichever is greater in value.
This is for the most severe of violations including failures to report a substantial data breach, losing sensitive customer data, or not providing proof of consent when contacting large numbers of customers.
This is something that most businesses can't afford to not take seriously.
When does GDPR come into effect?
GDPR is already part of EU law and has been since it's approval on 14th April 2016, however, it is not enforceable until the 25th May 2018 onwards.
How do Encrypted USBs help firms become prepared for GDPR?
The key to becoming GDPR compliant is making small changes to everyday processes where data is used.
In general, companies that handle large amounts of personal data are the ones who must seek to adopt best practices when it comes to this new regulation. Financial, Healthcare and Education sectors, for example, are considered high risk for data breaches due to the amount of sensitive information they hold, however, generally speaking, all firms should be prepared.
Encrypted USBs help by ensuring that information shared between different parts of an organisation are secure at all times, which in turn addresses points 2 & 3 listed above whereby all data is protected and is processed in the correct way.
As well, if such USBs are stolen or lost it is deemed to be a security breach and NOT a data breach and therefore doesn't have to be reported to the supervisory authorities.
What Encrypted USB should I look at for my business?
Businesses should always look for hardware encrypted USBs as standard. These types of USBs are designed from the base up with security in mind and have protocols which operate separately to that found in a PC or OS ensuring that they cannot be easily hacked.
USB2U stocks a range of such USBs, including SafeToGo® USBs and Kingston USBs, both of which offer robust hardware encryption and password protection as standard.