Data protection in the company can only succeed if all employees develop the right awareness for the protection of personal data and pull together with the employer and the data protection officer . Because it is the employees who work with personal data on a daily basis and can therefore actively implement data protection. In this blog article, you will therefore learn how you can ensure more data protection in the workplace with simple and inexpensive means.
Table of Contents
1. Adhere to the “Clean Desk” principle
We understand the term “clean desk” to mean the principle of a tidy desk . Especially if your company has shared workplaces that are used by several employees, it is important to establish order and a clear structure on the desk. A tidy desk not only promotes your concentration and productivity at work, but also strengthens data protection in the company at the same time. Assuming that you have countless documents with personal data lying around on your desk, this data can be viewed by colleagues or even customers simply walking past your desk. In the worst case, a data protection violation can be assumed, when unauthorized persons gain access to personal data .
In order to prevent such violations of data protection, we recommend that you set up clear regulations or a “clean desk” guideline in your company. This should regulate that all employees clean up their desks after work and put away documents containing personal data. Documents with highly sensitive data should be put away properly immediately after processing. Unnecessary printouts and copies of documents should generally be avoided in order to reduce the number of documents in the workplace. As an employee, you should of course keep your desk tidy and tidy at all times, even if there are no applicable guidelines in the company, in order to ensure more data protection in the workplace.
2. Protect your devices from unauthorized access
Whenever you leave your desk – however briefly – you should always activate the screen lock on your PC or laptop and additionally protect your devices with a secure PIN or password .
In this way you prevent unauthorized persons from gaining access to your devices and being able to view your data. In addition, we recommend that you provide your devices with privacy screens. This prevents third parties from gaining access to your data, particularly when working remotely (e.g. on the train or in a shared office).
3. Protect your devices and accesses with secure passwords
Cyber criminals can get hold of your passwords through data leaks and thus spy out data.
The passwords you use to protect your devices or your personal access and accounts must therefore be secure, i.e. the passwords should have at least 10 characters and contain both small and large letters as well as numbers and special characters . Basically, the more sensitive the access to be protected, the more secure the password should be. Also, do not use a single password for all possible services, but set a password for each access.
A password management program can be helpful to generate secure and strong passwords and to manage them properly. Check out our password management blog article for detailed instructions on installing and setting up the free and popular Keepass password manager .
4. Protect your privacy while surfing the Internet
To surf the Internet more securely, you can use a VPN (“Virtual Private Network” or “Virtual Private Network”). With a VPN you can protect your anonymity on the web and your data , since you surf in a closed communication network in which your Internet connection is encrypted.
Using a VPN is especially useful when you’re on a business tripand want to access the Internet in hotels or at airports via publicly accessible networks. Because with open networks there is a high risk that your data will be spied on and misused for criminal purposes. If you haven’t already set up a VPN in your company, you should talk to your IT department about it. See our VPN blog article for more information.
You can also use browser extensions (plugins) for more security and privacy on the Internet. Certain browser plugins can add certain functions to your browser that minimize the amount of data transmitted. For example, the “Script Blocker” blocks third-party advertising on websites that you visit. There are some free plugins on the market that are easy to install and use.
5. Also comply with the data protection regulations when working from home
The data protection rules that apply to working in the office naturally apply equally to working from home. Because the confidentiality and integrity of personal data must of course also be guaranteed in the home office. Certain measures should be taken for this purpose, which can be recorded in a company policy on working from home.
6. Ensure more data protection when using e-mail and the Internet at work
In principle, the employer should prohibit the private use of company end devices and private surfing on the Internet at the workplace. This helps avoid problems that could arise when an employee leaves the company. We recommend that you set up a private use of company property policy with clear rules in your company to avoid such problems.
7. Develop greater awareness of data protection through training and awareness-raising
All of these tips for more data protection in the workplace can only be successful if the staff is sufficiently sensitized and trained in the topic of data protection. Employee data protection training is important to ensure they are aware of their responsibilities when handling customer and personnel data. Trained employees react more sensitively and consciously to irregularities, which helps to prevent data protection violations and thus fines.