For the most part Streamtime Classic fully complies with the GDPR standards, there are a couple of use cases however where you may want to tighten up security even further and we outline these here:
We have installed SSL certificates on our hosted server machines to improve security. Should you meet ALL the below points, purchasing and installing an SSL certificate for your server machine is an option you may choose to take.
- Your company are using Streamtime Classic,
- Have Streamtime Classic installed on a server in your own office,
- Have enabled access to staff from outside your office (API, Streamtime Web, remote access via FileMaker Pro)
- Are based in the EU or have personal data stored in your Streamtime Classic database relating to people residing in the EU
Although encrypting personal data is strictly not a requirement of GDPR, it is mentioned as one of the security and personal data protection measures in a few articles.
More Info (SSL):
FileMaker Server, the software installed on the server machine in your office that hosts the Streamtime database supports SSL (Secure Socket Layer) certificate functionality. An SSL certificate, ensures that remote connections are encrypted.
Your IT professional (should you have one) will be able to handle this for you. Otherwise, we have written a knowledge base article that outlines how to install an SSL certificate on the server machine in your office.
SSL certificates cost money. They are a security certificate purchased from your Internet Service Provider (ISP) or online that secure communication to your server by encrypting the data.
SSL certificates cannot be purchased by Streamtime for our clients.
Client access and passwords:
If you have setup passwords inside Streamtime for your clients to access and view jobs and quotes these passwords are stored 'in the clear' and this does not comply with GDPR. We will be releasing a new version of Streamtime Classic - 14v5 to resolve this problem. If you are using this feature, Instructions on how to update can be found here.
Whilst the personal data you store in Streamtime Classic will require GDPR compliance, it's not the entire picture. Some steps you can take are:
- Get familiar with the GDPR requirements and how they affect your company.
- Map out everywhere you process data and carry out a gap analysis.
- Chat to your lawyer about what your company needs to do to.