by johnt
24. November 2010 10:49
The Information Commissioner has handed out severe penalties to two companies for breaches of the Data Protection Act.
Clients of data8 can be assured that any data they send to data8 via their website will arrive securely and while here will be subject to the highest security. When uploading or downloading data to or from our website, it is fully encrypted over the same type of SSL encrypted web connection that is used for online credit card purchases.
Whilst there is no substitute for a fully documented security policy based on standards such as ISO27001 or DataSeal, here are our 3 golden rules which can help -
- Keep all data on your servers. Data on servers can be physically secured and easily audited. Once data is off the servers it is much more likely to be accessed - most security breaches seem to involve laptops going walkabouts.
- Don’t email data. Emails are easily accesible on many systems. iPhones and Blackberrys have full access to sent items and it only takes a moment for data to be forwarded.
- Always ensure data is encrypted during data transfer. Ensure anything sent over the web is secured by SSL. If you must send us data by a method other than our website, please ensure it is adequately encrypted prior to sending it. The most secure method for this is PGP, available commercially from www.pgp.com, or a free version from www.gnupg.org. This allows you to encrypt your data using our public key in a way that only we will be able to read even if someone intercepts it.
It is important that all clients review how they store and transfer data to and from sites, if you need to know the most secure way of getting your data to us and how to receive it back we would be happy to help. Please speak to your account manager.