This course is intended for personnel with responsibility for data protection and IT security in their business.  Since the introduction of GDPR regulation in 2018 it is an opportune time to review progress in the workplace and where gaps still remain.

Learning Objectives:

Session 1: Data Protection.

To better understand and implement Data Protection & security measures.

GDPR – current contexts.

Terms & Definitions.

Current Legislation.

Sensitive personal data.

8 rules of data protection.

New rules of data protection.

Lawfulness, Transparency and Fairness.

A detour to consent.

Purpose Limitation.

Data minimisation.

Storage limitations.

Integrity & confidentiality.

Accountability & compliance.

Learning Objectives:

Session 2: IT Security by Design.

To appreciate the difficulties and risks in IT security and be more familiar with solutions.

Firewall & Network Security o Wireless Networks (Public and Private).

Secure Remote Access & VPN’s.

Active Directory (Login) Control.

Company Group Policies.

File/Folder Access Control.


Date On-site or in the Cloud.

Mobile Device Management.

Virus, Malware and Ransomware.

Email & Website Security and Encryption.

Security Awareness and Training.

Data Back-up & Disaster Recovery (on-site / off-site) o Cyber Security Insurance.


1 day.


Thomas Phelan who specialises in Quality & Data protection services and along with Dave Devery whose expertise is in the area of IT Security and Resilience, will be more than happy to share their experiences and obviously provide a few practical tips for the Owners of SME’s.