GDPR Compliant Workplaces

By 13th September 2017Data Protection, GDPR

GDPR Compliant Workplaces

We’re used to hearing horror stories of laptops and USB keys going missing stacked full of data, or websites being hacked to access personal information; but despite spending huge budgets on securing electronic data, most companies still fall foul of new data protection regulations due to hard copy material.

GDPR (General Data Protection Regulation), which comes into force in May 2018, has once again shone a light on the subject of data protection and will introduce far reaching conditions on holders of data to ensure they are doing all they can to protect it. But walking around most offices, many have overlooked some of the most obvious breaches.

Working with clients to introduce print efficiencies and reduce costs, we spend a lot of time around printers, scanners and other networked devices that hold and generate significant amounts of data. Whilst most workstations are secured, it is amazing how few devices, such as printers, are not.

Printers are, to all intents and purposes, PC’s and if they are not protected can provide the same level of access to your network and data (as demonstrated in this HP video). Furthermore, incorrectly configured print management systems can result in secure and confidential documents/data popping up on machines around the building and not always in the right places. Not a problem if you remember to pick them up immediately, but how many times do we forget, leaving the content on display for anyone looking?

In the last 20 years, secure destruction of documents has avoided personal data ending up in freely accessible bins or blowing down the street, but these bags of documents are a data dream, all neatly packed together in a handy bag that can be picked up and taken away. How easy is that? By putting documents in these bags, we get a false sense of security, but actually all we are doing is creating a nucleus of data.
So, as we help clients prepare for the introduction of GDPR, one of the first things we do is a walkaround of their premises to point out these seemingly obvious issues. You’d be surprised how many organisations with highly secure, locked down IT processes are undermined by the simplest things.