A month with GDPR - what was most discussed?
Sensitive data on public storage, passwords stuck on monitors, easily guessed passwords or phones without security. These are the most common data protection situations we have encountered during the month the GDPR has been in force.
Monday 25 June marked one month since the General Data Protection Regulation came into force. What has been most discussed during that time? We've put together a short overview. You may be surprised to learn that the vast majority of "problems" are linked to human distraction and failure to think through the consequences.
Sharing personal data on public servers
Wants to send another colleague or colleague a database but it won't fit in an email? He or she will most likely reach for a public storage or escrow server.
In this case, however, she is taking a big risk - such servers can easily be attacked and files stolen, even if they are encrypted. Moreover, during the month of GDPR's operation, we have also encountered cases where sensitive data has been on these storage sites without a password!
Network passwords in an accessible place
Frequent image: Those who can't remember their company intranet passwords write them down on a lstick and place it on a monitor or bulletin board. Beware, however - if strangers may be around that monitor or bulletin board (especially in reception areas or concierges), those passwords are like window dressing.
Simple passwords
About as often as with the above ticket on the monitor, we've encountered situations where people turn overly complex passwords into easier-to-remember passwords. Even so memorable that it's no problem to guess them within a few minutes. At that point, sensitive data is literally served up on a silver platter.
Secure phones, personal laptops
Many go even further with laptops or mobile phones. From passwords to fingerprinting, these devices always offer the option of security. If such an unsecured device is stolen, it becomes a gateway to personal data.
Absurd situation
We have encountered a situation where the receptionist, on arrival at the hotel, had us sign a multi-page sheet to approve working with personal data, while an internal staff list with all personal data was on the counter. Tadaaah! Take a look.
What situations have you encountered in relation to data protection during the GDPR? Have you encountered a particular problem and don't know how to deal with it? Do not hesitate to contact our specialists. We are here for you. Or perhaps you have found yourself in one of the examples? It will happen! We will help you solve it.