The growing threat of the Covid-19 pandemic has forced authorities to enforce lockdown and pushed companies to run their operations remotely. As the number of people affected by the virus has touched over 2.5 million, the UK government has declared lockdown to curb its further spread. Many companies have completely closed their offices and require their staff to work from their home. The requirements for social distancing have forced companies to have over 50% of their employees working from their homes and a significant amount of projects getting outsourced. All these measures, while preventing the further spread of the novel coronavirus, will increase concerns about GDPR compliance.
So as a growing outsourcing company, what are the steps that we are taking to comply with GDPR and our clients’ data-security concerns?
- Secure Remote desktop connections, so the data remains to the office computer only
We use the most advanced security systems to access data stored on office servers. All data transfers are encrypted using the latest and highest encryption systems.
- Secure Internet with good speed
We do not allow Remote Desktop connections over the open internet. VPN is used to securely access the network to prevent the computer from exposure to open Internet. Mutual encryption authenticates for both client and server.
- Disable the function to migrate the data with RDP connection
We create systems to prohibit drive redirection within Remote Desktop connection to disable the function of data migration.
- 2-Step verification for all cloud-based software
We use not just a complex password, but 2-step verification for authentication for all cloud-based software. Even when the legitimate credentials get compromised, the multi-factor authentication adds another layer of security.
- Disabled printing and download option
File download and printing is another potential threat to data transfer. But we have taken steps to prevent and disable all forms of data download and printing.
- Limited access to Google search engine
Limited access to search engines like Google and popular websites prevents tracking online activities and creating any potential security threats.
- Awareness seminar for employees for “How to be GDPR compliant during Covid-19 and WFH
We also run online awareness seminars for employees to teach them how to comply with GDPR, especially during these times of the pandemic and the need for working from home.