Sometimes it's necessary to transfer data, including personal data, between systems by creating files in one system and importing the data into another. Maybe you simply need to pass personal information from a system to a colleague or a third party. Here at Team Technologies, we take additional care to protect any data files that may be moved to interim servers, or sent by email, and we encourage all our customers to follow best practice when transferring data. Here's a few tips taken from our own processes that might help you - particularly when sending or receiving data to / from our support team.
- Always encrypt and password protect any file containing personal data : even a simple PDF of names and addresses could be exploited if it falls into the wrong hands.
- Construct passwords that would be difficult for anyone to guess : use a combination of numbers, upper and lower case letters, and punctuation if possible. Longer passwords are harder to crack and it may be more memorable to use a short phrase rather than a single word.
- Never include details of how to access the file (e.g. the password) in the same communication as the file itself.
- Never store password information in the same location as the file itself.
- Always send the password separately from the file and / or usernames associated with it.
- Ideally send the password using a different communications method (we typically send and receive passwords via SMS).
- Keep passwords safe and never write them down. Use a password keeper app or other protected repository where possible.
- If you're passing on (forwarding) data that's been sent to you by someone else, check that the data is as you expect before you forward it - don't send information that is not needed; and if you receive it without protection, add encryption (such as a password) before you send it on.
- Delete any files once you've finished with them.