Quick Start Report

How good is your data security policy?

Take our 30 second test and generate a report that will give you an overview of some of the actions you need to take to improve your data security policies:

Do you have a policy for security and data protection?

Do you have an asset register and are all devices securely configured?

Do you have; active filtering, a monitoring system, anti-virus and anti-malware protection?

Do you enforce your password policy?

Do all users receive regular security and data protection training?

Do you have a process to log, report and monitor security incidents?

Do you have a policy for removable media?

Is your network monitored with logs reviewed regularly?

Do you have a clear procedure for responding to a data security incident?

Do your policies for remote or home-working make provisions to protect personal data?

Have you audited where your data is (Cloud? Personal? Encrypted?)

Do you encrypt mobile devices?

Your Quickstart Report

From your quickstart questions, your actions to become more secure are:
Question Your Response How can 360data Help?
Do you have a policy for security and data protection?
Yes - Well done. Make sure it is well communicated to your employees and consider appointing a Data Protection Officer
No - You should adopt a data protection policy and then communicate it clearly to your employees.
A template policy written by Charles Russell Speechlys LLP, a leading data protection law firm. 360data+ can help provide a data protection officer for you.
Do you have an asset register and are all devices securely configured?
Yes - Great work, your devices are registered. Have you tested your policies and practices with a scenario?
No - Knowing how many devices you own and their serial numbers will help in the event of theft or loss. Securely protecting the devices will help protect again data loss.
Clear guidance on why you should and how you could track and secure your assets. Access to preferential rates for Sophos products.
Do you have; active filtering, a monitoring system, anti-virus and anti-malware protection?
Yes - Well done, all of these create an environment that protects your data.
No - Implementing this suite of protection services will help to ensure you stay in control of and protect your data and devices.
Our guidance provides a maturity model to help you ensure you are protecting all aspects of data protection. Our unique relationship with Commisium can help provide peace of mind by testing your systems to check your protection.
Do you enforce your password policy?
Yes - Excellent work, regular password changes and a forced complexity really help protect access
No - A clear and enforced password policy is a straightforward way to protect access to data and systems.
Our guidance provides a maturity model for infrastructure, which includes considerations for how you could implement a password policy effectively.
Do all users receive regular security and data protection training?
Yes - Great work, this is potentially aspirational practice.
No - It is important that users receive training; they are the frontline in protecting your data.
We provide clear guidance on what training staff need and have negotiated preferential rates for online training with DeltaNet.
Do you have a process to log, report and monitor security incidents?
Yes - Great work, do verify that this includes why you did something and why you didn’t do something – it’s easy to forget in months to come.
No - Recording events can help you; identify trends, make improvements and protect you in the event of an investigation.
360data includes access to a range of recording templates for you to make use of.
Do you have a policy for removable media?
Yes - Great work!  You need to make sure that the data is encrypted and can only be accessed by authorized users.
No - If these media contain personal data or you do start holding data on them in the future you will need to ensure they can be encrypted.
360data provides clear guidance on removable media policies. You can also access preferential rates with Sophos for Encryption products.
Is your network monitored with logs reviewed regularly?
Yes - Super! Have you verified that your whole network (including any cloud storage) is monitored?
No - If you don’t do this, how do you know what’s happening on your networks? Is illegal or inappropriate activity taking place?
360data will prompt you to consider the effectiveness of your monitoring programme.
Do you have a clear procedure for responding to a data security incident?
Yes - Well done. Have you tested your procedure to check it works?
No - How will you handle a situation if it occurs? Advanced planning can streamline your response, making you look professional and well-organised.
“Failing to plan is planning to fail.”
360data will help you ensure that these procedures cover all staff and volunteers.
Do your policies for remote or home-working make provisions to protect personal data?
Yes - Well done. Have you verified that this covers all possible usage scenarios?
No - The safest place for your data is on-site, but remote access provides a way in for hackers, is yours secure? If employees take devices home, do they understand what is acceptable behaviour?
Our guidance in 360data will support you in developing a robust and secure system to protect your data.
Have you audited where your data is (Cloud? Personal? Encrypted?)
Yes - You need to ensure that data is encrypted at all times, including when it’s in transit (e.g. while being uploaded).
Also be mindful that transferring data, including via the cloud, to countries outside the European Economic Area (EEA) is restricted under current regulations.
No - If you move to the cloud in the future, make sure that the ability to encrypt the data – both in the cloud and also when being transferred – is on your core requirements list.
Also be mindful that transferring data, including via the cloud, to countries outside the European Economic Area (EEA) is restricted under current regulations.
Get clear advice from 360data about what you should do and access preferential rates on encryption services from Sophos.
Do you encrypt mobile devices?
Yes - Well done. The personal data on it is safe, even if the device gets lost or stolen.
No - You will need to secure personal data on mobile devices. The ICO has the powers to impose fines for personal data breaches the upcoming EU laws are set to strengthen these powers.
360data will help identify what devices you should encrypt and to what extent. Our preferential rates with Sophos can help you implement and manage encryption easily.

The full tool offers a more in-depth analysis of your data security policies, and allows you to keep notes and track your progress as you implement the actions recommended by the tool.

Purchase 360data