Safety in your workplace
Safety in your workplace
The workplace is the critical space where companies process personal data and information in general for which they are responsible.
Such processing is carried out by means of paper documents, telephone conversations, videoconferences and various devices (PC, Smartphone, external memories, external hard disk, tablets, printers, etc.).
If the workstation is the critical space, the Employees that occupy those workstations are the critical human resource that must comply with and apply the corporate technical and organizational measures that guarantee the confidentiality, integrity and availability of the information processed in the workstations.
Let’s remember that Spain is the third country in the world in number of cyber-attacks, that 40,000 cyber-attacks take place every day, that 7 out of 10 cyber-attacks are aimed at SMEs and that 85% of cyber-attacks affecting companies are related to employees.
Workplace Safety Policies
Therefore, it will be necessary to inform, train, raise awareness and sensitize employees to achieve the desired security in the workplace. The following are some of the issues that should not be missing in Corporate Security Policies:
Confidentiality obligation
All employees must be committed to the duty of secrecy and confidentiality,
Device Usage and Cloud Hosting
Only devices and hosting services authorized by the company shall be used.
It is forbidden to install or uninstall software
It is forbidden to install or uninstall software without the express and prior authorization of the company.
Asset Inventory
Have an updated inventory of assets (hardware and software) authorized to work.
Use of passwords
A password policy must be approved to identify accredited users.
Logging off and shutting down the computer
When you are absent for a short period of time, it will be necessary to lock the equipment, and you will need to enter the password to resume the session.
Equipment encryption
Different operating systems include their own systems for encrypting computers, especially if they are authorized to leave the workplace. Example: BitLocker in the case of Microsoft.
Encryption of confidential information
E-mails shall be sent encrypting these or the attached documents that include confidential information.
Teleworking or Labor Mobility Policy
All security issues that involve working outside the workplace and that pose a risk (conversations, videoconferencing, use of networks, etc.) must be implemented.
Clean desk policy
Do not leave documents unguarded or in view of unauthorized persons.
When absent from work, all paper documents should be kept in file cabinets or locked rooms.
Do not leave sensitive documents on printers or scanners.
For example, implement technical measures to prevent documents from being printed without the presence of the authorized user.
Destruction of documentation
Do not throw away documents with personal data or confidential information. Use effective means of destruction as shredders / paper shredder, recommending the services of expert companies that certify the proper destruction.
Report security breaches
Any security breach suffered by the company must be reported without delay.
Business Adapter at your service
All of the above is part of the development of corporate security policies, which in addition to being useful for information security issues, will be necessary to comply with data protection regulations, specifically Article 24.1 of the RGPD, which establishes as part of the responsibilities to be assumed by the Data Controller, the implementation of appropriate technical and organizational measures to ensure and demonstrate that the processing of personal data complies with the regulations on personal data protection.
If you are a customer, you already have your Security Policy, remembering that it must be approved by the Management on page 2.
If you are not yet a client and you need us to create your own Security Policies, do not hesitate to contact us by email at: info@businessadapter.es, call 96 131 88 04, or leave your message in this form:
[su_button url=”https://businessadapter.es/contacto” target=”blank” background=”#f6f903″ color=”#181818″ size=”7″ center=”yes” icon_color=”#000000″]Contact us, we will be happy to help you.[/su_button]