Data Protection Day is 10 years old today! But is it just marketing BS or is it genuinely helping companies and individuals keep data private?
Data Protection Day (AKA Data Privacy Day) marks its 10th anniversary this year and it is as relevant as ever with new regulations and cyber security set to be hot topics in 2016. There is plenty for organisations of all shapes and sizes to consider when it comes to protecting data and below is a collection of ideas on how they can do this.
Nigel Tozer, solutions marketing director, EMEA, Commvault
“On European data protection day, companies will be reminded of the fact that they need to be working towards the new General Data Protection Regulations. The GDPR states that, after appointing a privacy officer, businesses need to identify and classify data so that they can put in place a breach notification policy. Their biggest challenge will be unstructured data. With structured data, in rows and columns, classification is an easier process, but unstructured data is far less easy to define because it’s distributed all over the place. It would be hard enough if the data were in one place, but unstructured data is disparate; scattered over endpoints, hard drives and the cloud. Technology that can automate policies to classify, organise, retain and delete information, based on is content, will ensure that business can move swiftly towards data protection (and compliance) in less time, with less stress and greater accuracy.”
“While any measure to raise awareness of data protection issues is welcome in my opinion, a business’ responsibility around secure data transfer is something that needs to be taken seriously all year round. Anyone responsible for the security of personal data in an organisation will already be thinking ahead this year to the impact of the new European data protection regulations rumoured to be enforceable by 2018.
“However, a recent Ipswitch survey revealed that although over two thirds of IT teams do acknowledge that GDPR will impact their business, one fifth still have no idea whether changes in the regulation will apply to them. That is why, this Data Protection Day, education on regulation is key. All IT teams should be looking at how their organisations will have to adapt to the regulations to remain compliant. A key factor in this is keeping up with regulation and modern data transfer practices. However, important practical steps can be taken now. For instance, an organisation that audits it’s data trail will likely know exactly where it stands when the new regulation is passed.”
Eve Maler, VP innovation & emerging technology, ForgeRock
“What all organisations need to understand is that behind every online identity and digital profile is an actual human being. Today, many people have multiple digital identities or profiles that, when combined, includes almost all of their personal information. This includes everything from daily workout habits monitored by a connected device, to financial transactions and healthcare provider diagnoses.
“Organisations should now start thinking about how to give their customers more control over their personal data in order to form trusted digital relationships. This is even more time-sensitive for U.S.-based enterprises and government organisations with ties to Europe. The European Parliament will soon enact the General Data Protection Regulation (GDPR), which requires companies to give customers rights to better direct their privacy and data protection. What’s more, the reform includes a clause that sets a high bar for individual consent: organisations must give customers the genuine and free choice to accept and approve or refuse and withdraw their consent of where their data will be shared without detriment.”
Mark Edge, UK country manager, Brainloop
“Data Protection Day is the perfect opportunity for businesses to review the way they collect, classify, store, share and protect the personal data they possess. The way businesses store and share data has changed rapidly in the past decade and regulations are now catching up with the changes. Complying with these regulations will not only keep the personal data of your employees and customers safe, but also ensure that your business avoids the fines and reputation damage that could follow a data breach. There is a fine balance between giving access to sensitive data and documents to those who need to view it, but also keeping it hidden from those who don’t. Businesses can use a combination of education, simple and secure technical measures and security policies to ensure this balance is possible.”
Perry Correll, principal echnologist, Xirrus
“Xirrus recently polled Wi-Fi users and found that 76 percent connect to Wi-Fi outside of their home. With the proliferation of wearable devices such as fit bands and smart watches, that figure will only increase with each passing year, thereby presenting additional temptations for hackers. Public Wi-Fi offers the convenience of accessibility, but typically doesn’t encrypt data, which leaves passwords exposed and sensitive data vulnerable to the possibility of capture by those with malicious intentions.
“It’s bad enough worrying that while sipping a latte, cyber criminals might be trying to steal your credit card data and bank account numbers, but even more daunting to know that corporate espionage is on the rise. Public Wi-Fi networks offer hackers little challenge when it comes to intercepting private or classified information accessed by executives who stay in hotels on business.
“Now more than ever, large and small enterprises—from coffee houses to airports and hotels – must upgrade their networks to provide better security for their customers. “
Sharon Moses, director of marketing at Quorum
“Businesses need to be more aware when it comes to data protection. Data loss, corruption or misuse can have a huge impact on any business, resulting in hours of downtime that most organisations can not afford. Business and personal information has become a highly valuable asset that requires a strategy to support, store and protect in order to ensure business continuity. With a robust, cloud based, disaster recovery solution in place organisations can quickly regain any lost or damaged data allowing them to continue business as normal. Data protection is about creating awareness that disasters can strike at any time from human error, hardware and software failures to natural disasters, thus businesses need to be prepared.”