Sprout IT: Protecting client data

You have by now more than likely read the story of the barrister fined by the ICO for failing to keep her client's information secure. I wonder how commonplace the same security carelessness is within her peer group, through insecure local file storage and/or sharing. I don't wish to scare-monger; rather I wish to make clear, that it does not have to be difficult to exercise good practice. Remember it is your responsibility to look after your client's data. Firstly, ensure that any mobile device is encrypted to FIPS 140-2 standard. There is specialist encryption software available on the market to purchase, however most new laptop machines nowadays come with FIPs compliant encryption built-in (just make sure you deploy it properly and save the key securely!)

Secondly, beware of 'consumer' file sharing applications as you often have little control over where the data resides and in the event of an account breach, it presents a huge risk of your files being compromised.

Lastly, (and this is a long term commercial consideration) move towards a private cloud solution as your business environment. There are many things to consider when making the right choice of cloud solution and IT partner but holding your data in the cloud should mean you have access on the move to your files in a secure environment without the need to download locally.

Sprout IT can offer advice and assistance with all of the above and IT security in general. 

Post a Comment

Add your comment