Since GDPR came into law last year, people have been wondering should their laptops be encrypted, and if they are not encrypted would they be in breach of GDPR. Well, it turns out that there are no explicit encryption requirements in GDPR. But you are required to enforce security safeguards, and GDPR also mentions that encryption can be used with any personal data. 

So what is encryption?

Encryption is a method of data protection that converts data from a readable format to an encoded version. This can then only be decoded and read if the correct encryption key is used.

How does encryption work?

Encryption works by taking unencrypted data and then using an encryption algorithm and an encryption key to create ciphertext. Which can only be viewed in its original format when it is decrypted with the correct encryption key.  

Why should you consider encryption?

Since your data will be encrypted, you are ensuring that if your laptop is lost or stolen any data on it can’t be accessed. Under GDPR if you are affected by a data breach you have 72 hours to notify all your affected customer. This can be tricky if the data breach takes place on a bank holiday weekend. Because you have encrypted your data you have technically not suffered a data breach. As your data can’t be read you don’t have to notify your customers.

What do you do once you have installed encryption?

Once you have installed encryption on your laptop, you have to have regular check-up’s to ensure that encryption is still in place. Last year a laptop used by one of Eir’s staff got stolen, resulting in 37,000 customers having their data compromised. The laptop’s operating system Window’s 10 had recently installed an update which disabled the laptop’s encryption.

iPing provide managed services and IT services. We can help provide you with an overview of how you can go about encrypting your laptops or I.T. infrastructure. So, if you need some help with the above please contact us or give us a call on 01 5241350.