Handling client data safely
- 29 Oct 2021
- Markel Direct
For self-employed professionals, keeping client data secure is essential as if a claim of a data breach was brought against you, it could put a financial strain on your business and even result in losing a client.
The average cost of a cyber security breach in the UK for businesses is £2,670 (1), although under GDPR, a business can be fined up to £17.5 million or 4% of its annual global turnover, depending on which is greater (2). As well as the financial burden, dealing with a data breach can cost a company it’s time – valuable time that could spent working on client projects.
In this article Markel Direct will provide you with five tips on how to protect customer data.
1. Use multiple types of security software
Hackers are continually on the search for easy targets and are finding more sophisticated ways of accessing private information. If you have multiple types of security software in place, such as data encryption software and anti-virus software, this will make it more difficult for hackers and will take them considerably longer to reach sensitive data. Protecting your company with firewalls and anti-virus software on all work devices used is a sensible option. In addition to this, using data encryption software will make it tougher for hackers to read the data if they do successfully breach your security. Encryption software will take your plain text and scramble it so that it’s unreadable and therefore remains confidential. This is known as ‘cipher text’.
2. Run software and operating system updates regularly
Anti-virus software provider McAfee state that 688 new malware threats are discovered every minute (3). Malware is continuously evolving with more and more new threats appearing each day, which is why it’s essential to make sure that you are regularly updating your security software and operating systems to help protect against these new threats. While updates can be time consuming, they’re definitely worth doing at the end of your working day on every device that your business uses - including laptops, tablets, smartphones and desktops.
3. Use a trusted cloud provider
If you tend to save a lot of documents on the cloud, including your client’s data, ensure that the provider you’re using offers a secure service and has an excellent reputation. Popular brands like Apple and Google offer a good level of security for their cloud service. If storing your data on your own private servers is better for you than storing your work on the cloud, make sure you work with a well-respected hosting provider who take adequate security measures. Check what security they provide before deciding which hosting provider to go with.
4. Enable remote wiping
If you travel to client meetings, work off site or work from home some days, you’ll likely be working from a portable device like a laptop or a tablet. Working away from your premises and travelling on public transport with these devices presents another risk when it comes to client data. If your laptop is stolen or you accidently leave in on the train, the sensitive data on that laptop is vulnerable to being accessed illegitimately. With remote wiping software, if your device is lost or stolen, you can delete this data remotely to prevent any potential data breaches. If you use Apple products, like a MacBook or iPhone, they provide a remote wipe function, as long as your device is signed up to iCloud. Google also offer something similar through the Google Apps Device Policy app.
When commuting, also remember to be cautious of using an insecure wi-fi network to access your work as this could risk a data breach. Stick to your own personal hotspot and be cautious of who can see your screen.
5. Consider the access your employees have
If you have any employees, it’s wise to put limits on employee access to client information. You can do this by password protecting confidential documents or having access limitations on folders. If you do provide access to members of staff, make sure you update passwords and access rights when employees leave your company, especially if you store data in the cloud. If a staff member’s employment didn’t end on good terms, it’s even more important to make sure you do this to prevent any vengeful stealing or deleting of clients' private data. Passwords should be sophisticated, using a range of upper and lowercase letters, symbols and numbers to prevent them from being guessed. Avoid using the same password more than once.
Protecting against data breaches
Along with having company policies for gathering, storing and using sensitive data, you should also have policies in place for removing outdated and old data. If you follow the five points we’ve outlined in this article, this should improve the safety of client data however if the unfortunate situation occurs where you’re faced with a data breach, it pays to be insured.
From as little as £6 a month*, cyber insurance can cover:
- The costs of restoring data and equipment
- Informing clients of a data breach
- Ransom demands
- Loss of your net profit
- Your legal defence costs and damages you are legally liable to pay to other parties
To find out more about cyber insurance, visit www.markeluk.com/business-insurance/cyber-insurance.
*Price stated refers to the starting price of cyber insurance from Markel Direct as of 25/10/2021. Prices may vary depending on your occupation and annual turnover.
Meet the author
In this blog, we take a closer look at the court ruling which sparked recent investigations into deemed Managed Service Providers.
- 26 May 2022
In this blog, an anonymised contractor explains how HMRC's MSC investigation has impacted them.
- 11 May 2022
It's never been more important to incorporate sustainable practices within business. Discover the simple ways you can be more sustainable as a freelancer.
- 21 Apr 2022