Keeping Data Safe

Why Keep Data Safe?

1. Bound by the DPA to ensure personal data is secure and confidential 2. Competitive reasons for keeping it safe

How do we Keep it Safe?

Security policies should be in place in organisation; might include password managing: • Not telling anyone your password (duh) • Min/max length • Don't use passwords you already use Security policy might give advice on how to stop un-authorised access, such as not telling anyone your password or locking your computer when you're not using it.

Authorisation

• Giving people access rights to data. • An info system will hold all info on it. • Different users will only need to see parts of the data- not everyone should have full access to data. Read Only Can see that data but can't do anything with it Create Can create new records Write Can edit records Delete Can remove records Normally requires a user name and a password, authorisation is about making sure people are who they say they are (PIN, security questions and biometric data).

Encryption

• Scrambling up data so it cannot be read, can only be unscrambled if you have the right key. • Only the person intended to see the data will see it.