Five steps to secure data

By David Hendry

Five steps to secure data

Data Protection has been in the spotlight for the last few years as more and more cases of theft and security breaches occur.

Businesses can take five relatively simple steps to improve their data protection and ensure they give consumers confidence and the right experience.

1) Data Location

The first step is to actually understand where data is stored. Some businesses use a range of different mediums to store information but the more of these you have the more risks you face. You’ll need a specific plan for each type of storage you use. Keeping this number to a minimum will help to reduce the potential for issues.

2) Policy 

Next you should put a need to know policy in place. By limiting access you cut down on the number of people that are involved and the potential for errors. Access should be limited to people you trust and you should have systems in place to log who accesses what and from where.

3) Network Security

The security of your network is very important, particularly when you consider that malware is changing daily and thieves are getting more and more sophisticated. You’ll certainly have a firewall and other protection in place but you need to make sure they are up to date and performing properly. The security coverage should also extend to mobile devices if you allow people to connect to your network with them.

4) Data Management Plan

A data management plan is essential and will help you to keep on top of records. You’ll need to have an idea of which details you must protect and how long you want to save them for. You should look at the vulnerabilities of your system and make sure these are the areas that you invest in protection. As well as electronic records consider paper ones and handle them securely. You must also account for the safe disposal of information.

5) Educate Employees

The final thing to do is perhaps the most important; you need to educate everybody to make sure they understand their risks and obligations. You can build a security culture where everybody takes steps to protect data and keep it secure. You also need to ensure you account for periodic upgrades and training so you stay up to date. Contact our expert team if you are in need of any assistance with your data strategy. We have the knowledge and experience you need to provide complete information assurance.

What data protection measurements  have you put in place for your business?

Contact Us

Send us a Message

    We would like to use your contact information to send you marketing and promotional materials and special offers by email from time to time. We may only send information to you in this way with your consent. Please indicate whether you consent to us contacting you in this way for those purposes. You may withdraw your consent at any time by clicking the unsubscribe link in our emails.

    We are always happy to make contact with you by either phone, email or a face to face meeting at our office or yours. We work standard UK office hours – every week day 0830 to 1730.


    We have been receiving complaints over the last few weeks from people who have received unsolicited direct marketing calls from a company called The Protection People.  We should like to point out that we are Data Protection People and have nothing to do with those calls.

    We have been advising those people who have contacted us that they should make a complaint to the Information Commissioner’s Office (ICO) using this link  It would be helpful to the ICO if you knew the number that called you, the date and time of the call and what the call seemed to be about.

    You might also want to register your phone number with the telephone preference service (TPS), a national suppression service which should cut down calls of this nature as it is not lawful to make unsolicited direct marketing calls to numbers registered on the TPS.  You can register your number here

    We know that these kind of calls can be distressing and intrusive and you have our sympathy.  Please do not hesitate to contact us if you would like to discuss it with us otherwise we’d encourage you to report it to the ICO as notifying them of this kind of practice enables them to investigate and take enforcement action where necessary.  You can see the action that has been taken by the ICO here

    Data Protection People Limited – March 2021