
What does the GDPR mean for email?

We’re sure you’re already aware of the GDPR and some of the changes to data privacy that will come about following its implementation (if not, click here for our GDPR series). However, you may not yet be aware of how the GDPR will affect the way you use email.

We recently held a GDPR seminar with our partners Mimecast and Microsoft, which provided a variety of information relating to different areas that GDPR will impact. In this article, we will be covering some of the points outlined by Mimecast at the event. For a full list of our GDPR resources, click here.

What are some of the implications?

By design, email systems hold a huge volume of personal data, and email remains the number one attack vector for threats including phishing and ransomware. GDPR obligations demand that organisations take sufficient steps to secure email and the data it holds. They must also manage live, backup and archive copies of data with the same level of rigor.

Using a cloud-based archive can help minimize risk and allow a swift response to an individual’s access and possible deletion request. Adequately protecting email systems against attack, whether on-premises, in the cloud or in hybrid deployments, becomes even more essential. Basic email security like spam and virus protection doesn’t go far enough; the latest advanced security is needed to thwart ever more sophisticated and determined attackers.

Did you know? 91% of data breaches start with an email.

What types of personal data are often found in emails?

  • names

  • email addresses

  • dates of birth

  • financial information

  • physical addresses

  • phone numbers

  • medical records

Inherent Risks of Email

  • Ransomware
  • Impersonation
  • Spear-phishing
  • Weaponized attachments
  • Malicious URLs
  • Insiders

  • Personally identifiable information
  • Customer lists
  • Financials
  • Intellectual property

  • Data at rest
  • Data in transit
  • Archived data
  • Unstructured data

So what can you do to make sure your business is compliant?

Prevent data leakage by using multilayered protection for your business’s email accounts. Mimecast can help to stop spam and viruses in the cloud and help keep your data safe, which will eradicate the risk of receiving a fine under the GDPR.

Manage your data efficiently to ensure you know where all data is being stored and processed, and that any information that needs to be destroyed is destroyed in a timely manner. Mimecast ensures secure storage of encrypted data.

Maintain the security of the data you hold at all times across all devices. Why not contact us to find out how you can receive uninterrupted access to your email and archive even if your primary system is unavailable?

Do you need more information about how you can get ready for the GDPR?

Contact a member of our team today to discuss your compliance plan.


We wish to emphasise that Arden Group is a Managed Service Provider and not a legal firm. That means that the views put forward on this page are not necessarily shared by lawyers or courts.

Arden Group, therefore, does not guarantee that all information is factual and interpreted correctly. If you wish to ensure your advice or your company is legally covered by GDPR, consider seeking legal or specialised advice.