Tackling data security risks under the GDPR

By Lancashire Business View

09 May 2018

andrew-stellakis-q2q-1000x500.jpg
By Andrew Stellakis, managing director, Q2Q IT

It’s been a dot on the horizon for months, but now the 25 May is looming and the GDPR is well and truly in sight, data security has never been so important for SMEs.

The level of scrutiny surrounding cyber security in the media means that a data breach could cause significant reputational damage – a mere glance at the headlines reveals companies being named and shamed for failing to protect sensitive information relating to customers or employees.

And under the GDPR, the consequences for such an error will be even more severe. When it comes to financial penalties, for instance, a data breach could result in fines as high as £17m or 4 per cent of global turnover – whichever is more.

Of course, for smaller businesses with limited time, budgets and human resources, implementing Fort Knox levels of defence isn’t as achievable as for larger corporations. But when it comes to mitigating risks and ensuring that personal data is effectively protected, there are a number of measures that SMEs can take.

Firstly, it’s crucial for companies to understand what sensitive information they hold, the risks out there and the rules governing data processing under the GDPR. It’s only by identifying existing gaps in defences that these can be filled.

Increasing awareness of these issues amongst all employees is essential – an SME’s workforce can either be its most effective shield or biggest vulnerability in the data security battle, so team training is vital.

The security principle of the legislation rules that “appropriate technical and organisational measures” must be taken to protect data.

So, when it comes to guarding against external threats, companies should ensure that robust processes such as file encryption and two-factor authentication are implemented, all software and hardware is regularly updated and cyber-security defences are installed – including firewalls and anti-malware.

SMEs with a Bring Your Own Device (BYOD) approach should be especially vigilant, and introduce a policy to ensure that any laptop, tablet or smartphone used to access business data is adequately protected.

Permissions should also be limited, to ensure only those who need file access to fulfil their role are granted it. Similarly, it’s important for companies to actively minimise the volume of personal data that they store and process – the GDPR rules this must be “limited to what is necessary”, so irrelevant information should not be held for the sake of it.

In the event that a breach does occur, having an effective back-up and data recovery procedure in place is invaluable.

Duplicate versions should be stored off-site or via the cloud and adequately protected, so that data can be restored if the primary files are compromised. For added peace of mind, enlisting an experienced IT provider can also be a cost-effective solution for companies that don’t have the in-house capacity or expertise to tackle data security effectively.

Latest news

1

East Lancashire Learning Group named UK digital transformation leader in CIO 100 Awards Andrew Dewhurst with the award win

East Lancashire Learning Group named UK digital transformation leader in CIO 100 Awards

09 Oct 2025

2

PHX Training appoints new business leader in Blackpool Jason Davenport PHX Training

PHX Training appoints new business leader in Blackpool

09 Oct 2025

3

Velocity seals Airbus extension worth up to $54m Velocity Composites Has Announced Its Entry Into The Us Market

Velocity seals Airbus extension worth up to $54m

08 Oct 2025

4

First speakers confirmed for Lancashire Business Day Dave Walker with Richard Slater at Lancashire Business Day

First speakers confirmed for Lancashire Business Day

08 Oct 2025

5

Hemmings steps down as PNE chairman as hunt begins for new investors Craig Hemmings

Hemmings steps down as PNE chairman as hunt begins for new investors

08 Oct 2025

Background image for hub sign up block

LBV Hub

Leverage Lancashire Business View platforms

Post your news
Post your events
Post your offers
Build your network
Improve your SEO
Gain coverage in the magazine
Sign-up
Events
CMI Level 5 Management and Leadership Course
UCLanAerialCampus.jpg.jpg
LBV Hub Seminars
21 Feb 2025 - 21 Feb 2026

CMI Level 5 Management and Leadership Course

Preston Campus, Preston , PR1 2HE

09:00 - 17:00

CMI Level 5 Project Management Course
UCLanAerialCampus.jpg.jpg
LBV Hub Seminars
21 Feb 2025 - 21 Feb 2026

CMI Level 5 Project Management Course

Preston Campus, Preston, PR1 2HE

08:00 - 17:00

Help to grow management course
Help to grow - barriers to growth.png.png
LBV Hub Seminars
26 Sep 2025 - 16 Dec 2025

Help to grow management course

Preston Campus , Preston , PR1 2HE

09:00 - 15:00

Empowering Franchise Growth in the North West
Empowering Franchise Growth in the North West event
LBV Hub Seminars
09 Oct 2025 - 09 Oct 2025

Empowering Franchise Growth in the North West

Forbes Solicitors, Sceptre Way, Walton Summit Centre, PR5 6AW, PR6 6AW

08:00 - 10:00

Empowering franchise growth in the North West
TFA Event - Empowering Franchise Growth.jpg.jpg
LBV Hub Seminars
09 Oct 2025 - 09 Oct 2025

Empowering franchise growth in the North West

Forbes Solicitors Sceptre Way Walton Summit Centre , Preston, PR5 6AW

08:00 - 10:00

Advantage: AI – A Workshop for Business Leaders – Oct 10th
Ai 10.10.png.png
LBV Hub Seminars
10 Oct 2025 - 10 Oct 2025

Advantage: AI – A Workshop for Business Leaders – Oct 10th

Door4 Office, Burnley Wharf, Burnley, BB11 1JG

09:00 - 12:00

The New Employee Rights Landscape: Day One Compliance Essentials
EventBrite NORi - 15th Oct 2025 Webinar.png.png
LBV Hub Webinar
15 Oct 2025 - 15 Oct 2025

The New Employee Rights Landscape: Day One Compliance Essentials

Microsoft Teams, Microsoft Teams, PR253XH

13:30 - 15:00

Unlocking major project opportunities in the North West
Lancs-cham-logo.jpg.jpg
LBV Hub Seminars
15 Oct 2025 - 15 Oct 2025

Unlocking major project opportunities in the North West

Strathmore Hotel, Morecambe, LA4 5AP

08:00 - 10:00

The Business Network Central & East Lancashire
LBV Header (26).png.png
LBV Hub Networking
16 Oct 2025 - 16 Oct 2025

The Business Network Central & East Lancashire

Stanley House, Blackburn, BB2 7NP

11:30 - 14:15

October Freelancer Meet-Up
LBV Hub Networking
16 Oct 2025 - 16 Oct 2025

October Freelancer Meet-Up

Society1, Coworking Space, Preston, PR1 3LT

10:00 - 11:30

The Autumn Re set - pour me a wine
LBV Advert_Autumn Reset 1200 x 630px.png.png
LBV Hub Networking
16 Oct 2025 - 16 Oct 2025

The Autumn Re set - pour me a wine

The Artistry House , Preston , PR1 3JJ

17:30 - 19:30

Women scaling up Blackpool Fylde and Wyre
LBV Hub Seminars
22 Oct 2025 - 09 Jan 2026

Women scaling up Blackpool Fylde and Wyre

The Small Business Academy, Blackpool, FY4 5JX

09:30 - 15:30

Advertise with us

Reaching 50,000 members, our print, digital and event platforms offer a fantastic way to raise your business profile and help you grow.

Find out more LBV124 Online Graphic
Subscribe now

Weekly news bulletin