You must, to a reasonable extent, prevent unauthorised data ingress or egress.