Best Practices for Account Security: Keeping your business and customer's data safe
Data privacy and security: Why is this important?
Breach of personal or customer data can be frustrating, costly, and damages trust. The great news is, at Bookwhen, we take security seriously. We are now ISO27001 certified and always have security in mind. We are focused on ensuring that we thread this through everything we do, with a comprehensive privacy policy and data processing agreement too.
Here are our top tips to get you started:
๐ Understanding your role
You are the "Data Controller" and make decisions about processing activities. The Data Controller is in charge of processing personal data. They oversee how data is used, stored, and processed according to guidelines. They also manage data collection consent and ensure it's used appropriately.
๐ซ The Team (even if thatโs just you!)
Often overlooked, you and your staff can be your best and first defence against compromised data. Best practices for your team:
- Be clear about acceptable data handling practices and stay aware of surroundings when accessing customer data.
- Keep devices up-to-date with the latest browsers, software updates, and antivirus tools.
- Use strong, complex passwords and ensure work devices have a lock screen when not in use. Consider using passphrases for better security.
- Enable Two-Factor Authentication (2FA) whenever possible and avoid shared logins. Consider using a password manager like 1Password for better password management.
- Manage staff access to data using Bookwhen's Team Member 'roles' feature.
- Train all staff members on your business's data privacy processes and policies.
๐ก Useful resources
Each country has its own regulating/governing body, often providing training resources โ for example:
๐ฌ๐ง UK - I.C.O, (Information Commissioners Office).
๐ฎ๐ช EIRE - Data Protection IE
๐ช๐บ EU - EU data Protection Board
๐จ๐ฆ Canada -Office of the Privacy Commissioner
๐บ๐ธ USA - Federal Trade Commission
๐ฆ๐บ AUS - OAIC
๐ฑKeep devices and software up to date
Ensure all devices accessing your business account use the newest browsers and software versions. The tech industry changes quickly, so web-based services like Intercom (our chat support provider), integration partners like Zoom, Stripe, and PayPal, and the browsers you use like Chrome, Edge, Safari and Firefox regularly update their security settings.
At Bookwhen, our top priority is your security. We go above and beyond to ensure that every interaction within our platform is thoroughly protected. In our unwavering commitment to your safety, we have implemented a robust TLS/SSL configuration. This can result in older browsers being unable to 'talk' to the Bookwhen site. This will be true of your customers running older browsers.
๐ก Learn more about browser support and general browser troubleshooting.
๐ฝ Data minimisation
- Only collect data that's necessary for your business or events. Be open about what you're collecting and get consent from customers.
- Don't keep data longer than needed. Use Bookwhen's data retention feature.
- Dispose of old records correctly. If you download CSV files:
- Protect downloads with passwords and lock devices when not in use.
- Remove unnecessary data fields to keep local data to a minimum. Remember, if a customer requests their data to be deleted, this includes locally stored files.
- Delete downloads once you're done with them and clear trash or deleted items every 30 days.
๐ก Remember to keep current by constantly reviewing requirements and best practices with your local governing body. Learn more on the I.C.O. site.
If you would like to get more information or guidance on any of the suggestions and options mentioned above, donโt hesitate to reach out to our support team via live chat or email๐บ