How to make your employees aware of the importance of secure information processing

Some organisations are already GDPR compliant, others still have work to do to meet the legal requirements. To achieve this, a set of technical and organisational measures is required. There are many step-by-step plans on the Internet to help you with these measures. It is even more important yet to raise the awareness among your organisation’s employees. This is very important, since 46% of all data breaches occurs because employees do not handle sensitive data consciously. How do you make sure this will change within your organisation?

1. Organisational measures

As a CISO, you record a lot in order to be accountable, in compliance with privacy legislation. You have to give evidence you have arranged certain issues. For instance, drawing up processor agreements with suppliers, a protocol for reporting data breaches, or a privacy impact assessment when making use of certain tools and software. You can arrange many issues independently as a CISO. However, the introduction of new policies, such as for reporting data breaches, affects other parts of the organisation as well. The organisation should first understand why you take these measures, and what is expected from its employees.

2. Technical measures

Technical measures are necessary to organise the protection of personal data. Think of the encryption of data, two factor authentication, or regulating access by using entry passes. Sometimes the existing solutions are not sufficiently fitting, so you obtain new solutions. The key factor in the application of technical measures are the users: your organisation’s employees. If they do not make use of the technical solution, your organisation still does not comply with the privacy legislation.

3. Awareness among employees

To make the organisational and technical measures successful, you definitely need support among the employees. Not only do you need support from the IT department, but from all employees who process personal data in any way. In our e-book, we will explain how you can reach this in an accessible and effective way.

Get going

As a CISO, you are facing a major challenge: creating awareness within the organisation. This is truly crucial. If employees are not fully aware of the implications of the unsafe processing of personal data, you keep on firefighting. But how do you start this awareness process? In our e-book, you will find answers to the question: how to create awareness about the secure processing of personal data within my organisation.

Download the ebook

RELATED
The_advantages_of_Email_vs_Fax and_Snail_Mail_zivver_blog_en

The Advantages of Email vs. Fax and Snail Mail

Before email came into popularity, fax transmissions presented the only way to send written communication quickly. They could provide paper printouts in a few short minutes over hundreds of thousands of kilometers. Nowadays, email has become the preferred method of communication. Consequently, most companies have entirely abandoned fax machines. […]

Read more
Data_Breach_vs. Data_leak_explained_zivve_blog_en

Data breach vs. Data leak explained

You probably remember when Facebook's founder Mark Zuckerberg testified before the American Congress and UK lawmakers regarding the Cambridge Analytica data leak scandal. The political consulting firm harvested raw data from 87 million Facebook profiles while working for Donald Trump's presidential campaign in 2016. You might also recall the massive data breach […]

Read more
Data_Breach_vs. Data_leak_explained_zivve_blog_en

Data breach vs. Data leak explained

You probably remember when Facebook's founder Mark Zuckerberg testified before the American Congress and UK lawmakers regarding the Cambridge Analytica data leak scandal. The political consulting firm harvested raw data from 87 million Facebook profiles while working for Donald Trump's presidential campaign in 2016. You might also recall the massive data breach […]

Read more
Untitled design (2)

Encryption for beginners 2: PGP and Hashing

If you want to prevent unintended recipients from gaining access to emails containing sensitive personal data, it is imperative to use encryption. Encryption is an interesting and yet complex subject, not widely understood by the general public. We started covering the topic with the encryption for beginners 1 blog post, in which we highlighted the differences between […]

Read more
Encryption for Beginners_locks_ZIVVER_email

Encryption for Beginners 1: (A)symmetric encryption

Most people don't realize how easily an email can be sent to the wrong recipient. A typo in the address, a mistake in the configuration of a server, the wrong name selected from the automatic address book: they are all simple and common mistakes. In addition to the human error element, there is always a risk that hackers could compromise the mail server of a provider […]

Read more
FromAtoZivver

Cybersecurity Awareness Month: Email and File Transfer Security

When people think about email security, they typically associate it with widely reported hacking incidents, often nefarious in nature. These breaches tend to be higher in profile for a multitude of reasons, but actually account for a lower percentage of data breaches overall. For many organizations, the biggest threat to protecting privacy-sensitive data simply comes […]

Read more