JOSEPH BLASS, chief executive officer of IT and telephony provider WORKPLACELIVE, urges charities to address IT security issues such as ransomware.
Tag archives: Published Article
With the onset of GDPR (General Data Protection Regulation) in May 2018, data protection requirements will become more stringent. The responsibilities placed on an organisation relating to the data it holds will be two-fold:
•As a data controller (where the organisation enters and maintains personal data), the organisation must comply with rules concerning consent, access and transfer-ability
•As a data processor [where the organisation holds data on its own servers] it must follow regulation by ensuring high level cyber security, physical hardware security, strict backup regimes, firewalls and auditing. For example, a data processor is responsible for monitoring the access to the physical equipment on which the data sits, and the route the data takes to be processed. A good way of doing this is to produce an access control policy, which clearly sets out roles and rights of staff members, only allowing staff with sufficient rights the ability to access system.
What’s an organisation to do?
JOSEPH BLASS, chief executive officer of IT and telephony provider WorkPlaceLive, says charities need to address the range of security issues related to the use of IT whether directly via their own efforts or via the hosted desktops aspect of cloud computing.