In this blog post we provide 7 tips for digitally secure operations. Under the General Data Protection Regulation, or privacy regulation, it is important to take technical and organizational measures. An information security policy is crucial in this regard, but in addition, actions on the shop floor and thus the awareness of the organization are also important to ensure digitally safe operations.
A number of my tips will feel like an "open door", but are extremely important in practice. Also, they are also actions that you can often implement within the organization with little effort when this is not yet the case.
1. Make sure your workplace is tidy. The clear desk policy ensures that company documents are not just lying around for the taking. In addition, your desk is clean and empty and other colleagues can use it.
2. Handle suspicious phone calls, emails and Internet sites with care. For example, consider an e-mail with a LinkedIn request or an e-mail from an unknown sender with a link. This is also known as Phishing. If you are unsure about the sender of a message, always knock on the door of the internal security person.
3. Do not allow unauthorized people into the office and to workstations. This sounds logical, but it happens that people without registering or logging in get access to different departments and thereby also to (confidential) documents. For example, do employees in your office visibly wear access passes? Then make sure everyone is aware of the policy, and that they feel comfortable addressing people about it.
4. Always lock your computer/laptop when you leave your place. Even if this is just to get a cup of coffee. This will ensure that no one can access your computer or laptop and your documents just like that.
5. Take confidential information home only when strictly necessary and when it is not possible to access it in a secure online environment. There are several reports of accidents or robberies which have happened to access data of big companys. If you need a personal injury lawyer in these type of cases for example in The Hague (Dutch: letselschade advocaat Den Haag) or a personal injury lawyer in Utrecht (Dutch: letselschade advocaat Utrecht) then this will cost you nothing. There have also been regular reports in the news about employees who have lost a USB stick containing a large amount of data. As an organization, you obviously want to prevent this. To set this up properly, for example, make sure you have a well-secured online environment to access information.
6. Make sure you have a different password for each system, Excel file, smart device et cetera. It is not easy to remember a large number of different passwords. A password manager, such as LastPass, is a convenient and secure tool to store all your passwords.
7. Make sure, even while on the road, that you are not using a third-party Internet connection. If you do have to, link your phone's Internet connection to your laptop or provide an Internet connection through a VPN connection.