Data Encryption, Data Security & GDPR
Data security encryption – The most essential data security practice.
Data encryption uses a mathematical algorithm to scramble or encrypt data. Once the data has been encrypted, one needs a secret ‘key’ to again unscramble or de-crypt the information. So even when someone unauthorised would get their hands on the data, it would read complete gibberish and as a result any data within can not be read or exploited.
One should ensure that personal data is always encrypted both when stored and when transmitted, and that appropriate access control and backup procedures are in place.
Most modern computer/devices and software offer encryption, and most of the time it is just a matter of clicking the right option to enable it. Do ask your software vendor or IT support teams about data encryption.
Data Security Encryption | We listed some questions below to start the conversation:
- Can you confirm that all hard drives of desktop computers, laptops and severs are encrypted?
- Can you confirm that my website traffic is encrypted using the appropriate SSL certificate?
- Can you confirm that all databases that hold personal data are encrypted?
- For those working remotely can we set up a VPN service?
- Can we implement password manager software so all staff can manage passwords securely?
For more GDPR-related information, see our GDPR Knowledge Base on Data Security or our post on GDPR Compliance checklist for the SME.