Companies that deal with EU residents’ information must follow GDPR rules and regulations after May 25, 2018. Majority of the companies are still struggling with the compliance. In this article at TechRepublic, CIPHER Security technical director Dave Rickard discusses 5 employee policies with writer Alison DeNisco Rayome.
Following the GDPR Policies
Some companies have overshot the deadline while others are yet to know what the policies are. The GDPR rules and regulations not only affect the EU residents but also those companies that handle their information. As per Rickard, only 35 to 40 percent of companies are complying with the GDPR regulations. People are waiting to see if penalties apply on Facebook, Google, and Amazon. For now, the defaulters must pay up 4 percent of their worldwide revenue or €20 million, whichever is greater. Following are the policies companies should comply with and mentor their employees for:
- Data Encryption: You must make people aware of data encryption policies because GDPR stresses on that a lot.
- Usage: Your company’s end-user applications and services must ask customers what they can access. The organizations must also standardize the web searching behavior and how they networked on social media. Know what could pose a threat to your company.
- Passwords: Employees are still slack about their passwords. Hackers need just one password to breach your company’s database. So, educate your employees about security so that they do not leave their passwords on post-its.
- Emails: Emails are a good way to hack a system. The hackers must attract the victim to click on their malicious link to gain access. The companies must be more stringent about emails coming from other networks or outside the company firewall.
- Processing Data: Companies should have a record of who is processing their sensitive data and the purpose behind doing so. Employees must know how to handle sensitive data and the consequences if they fail.
To view the original article in full, visit the following link: https://www.techrepublic.com/article/5-data-protection-policies-your-employees-must-know-in-the-post-gdpr-era/