Why You Should Consider Physical Security With GDPR

Why physical security is important with the GDPR

May 2018 will see the implementation of the EU’s General Data Protection Regulation (GDPR). This regulation will require businesses and organisations to have security practices in place for both electronic and paper based data as well as notifying any affected or potentially affected individuals in the event of a data breach.

Not just limited to the EU, it requires organisations globally that either control or process personally identifiable data about people in the EU. For more information about what the GDPR brings that is new, take a look at our article from Rexel that discusses the new regulations more in depth.

What is understandable though is that it is important that organisations to be fully prepared for the GDPR. This means being prepared not only digitally by ensuring that there are security preventions in place against hacking and malware, but also preparing for physical security.

Organisations Not Thinking About Physical Security

Physical security may not be something that many organisations think of, with our world becoming more digital based. But this is something that should not be forgotten as research from the Kensington IT Security & Laptop Theft Survey1 found that more than half of organisations actually fail to use a physical lock with their IT equipment2.

This is bad news for organisations as it means that physical IT hardware is open to being stolen, which in turn can lead to non-compliance with GDPR if the hardware contains any personal information about people in the EU. 697 data security incidents were recorded between April and June 2017 by the Information Commissioner’s Office, the UK’s data protection regulator.

Of these, 6% were because an unencrypted device was stolen with a further 3.5% being due to data being in an insecure location or theft of the only copy of encrypted data. For the financial sector, a startling figure is that 25% of breaches are because of devices that are stolen or lost3. The healthcare industry is not immune either, with 32% of 100,000 security incidents in 82 countries found to be due to the physical theft or loss of devices4.

What is particularly worrying when looking at these statistics is that a third of businesses report not having a physical security policy in place. These policies help to protect electronic assets including laptops and mobile devices.

With remote working becoming more popular across the United Kingdom and businesses slowly encouraging this more, the physical security of laptops and mobile phones is more important than ever. The good news for organisations is that locking these devices down is a simple way to deter theft which is very effective.

How Can Organisations Lock Down Devices?

Kensington is encouraging organisations to make sure that physical security is also reviewed in their security policies along with any practices that relate to electronic data. With a full range of locking solutions available, Kensington has everything an organisation may need to help support compliance with GDPR.

Laptop locks are very efficient at helping to prevent theft due to them being primarily designed specifically to prevent opportunistic theft. It is particularly important that devices are secured physically as they are at risk of being stolen even when people feel that they are safe.

58% of laptops are actually stolen from offices and this unfortunately does not necessarily mean it has been done by outside influences, with 85% of IT managers suspecting that they have been stolen internally5. Once a laptop has been stolen, the risk of data further being compromised increases which can put clients or individuals at risk of data fraud and potential fines for organisations.

Many devices used in businesses use the standard Kensington Security Slot which allows the Kensington MicroSaver lock to attach directly to the slot, or the Kensington ClickSafe to attach via the ClickSafe anchor.

There’s no need for organisations to worry if their devices do not have the Kensington Security Slot however as Kensington offer plenty of solutions for all kinds of devices. Visit www.kensington.com to find out more about the range on offer.

Protection can also be provided when travelling with the range of Kensington SecureTrek luggage that offers an anti-theft security system. Included in this range are the Kensington Overnight Roller and the Kensington Laptop Bag, ideal for when travelling with sensitive information so organisations and individuals can be on their way to compliance of GDPR.

Kensington logo

Sources:

1-2 – Kensington IT Security & Laptop Theft Survey, August 2016

3 – Financial Services Breach Report, Bitglass, 2016

4 – Verizon Data Breach Investigations Report 2016

5 – IDC Executive Brief 2010 – Laptop Theft: The Internal and External Threat

About Author

Sarah Jubb
Sarah Jubb

Related Posts

Leave a Comment