- Security TWENTY
- Women in Security Awards
People don’t believe businesses and governments are doing enough to keep their information safe. That’s according to IT security product company Symantec’s State of Privacy report. It offers a snapshot of perceptions on data privacy. On the EU’s upcoming General Data Protection Regulation (GDPR), the report says that although necessary, such enormous change is naturally making many businesses slightly weary of the amount of disruption at stake.
According to the report, the average European is not happy with the way their data is handled by the companies they do business with. Respondents also stated that their security concerns may cause a change in their online behaviours, as they choose to avoid certain services or activities online. This is likely to place pressure on businesses to adopt new
practices, the report suggests; and that the most trusted organisations are those that do not have an overt business model built on collecting data.
Stephen Love, Security Practice Lead – EMEA at Insight UK, said: “Despite the results of June’s [UK Brexit] referendum, from May 2018, any organisation found to be in breach of the new EU GDPR will be subject to considerable fines that could damage the financial stability of the company and, coupled with the reputational fallout, could see the business facing bankruptcy. So the fact that 96% of organisations do not fully understand the EU GDPR is a huge cause for concern.
“For an organisation to adhere to the new EU data regulation, they first need to identify the key data that they need to protect, understand where it resides and what value the data has. Additionally, and perhaps most importantly, companies need to evaluate who has access to this data. Once this is established, the organisation needs to create a security strategy and policies that will enable them to not only protect this data but also secure admittance to it. Further solutions can then be implemented to secure the data, from cutting edge, next generation firewall solutions to data loss prevention tools, ensuring the integrity of the data. Identity and Access management solutions and multifactor authentication will also allow for the governance and control of user admission to on-premise and cloud services.
“Planning ahead is the best course of action for any business. 2018 might seem a way off, but we are already nearing the end of 2016 and, before we know it, the new legislation will come into effect. Addressing the EU GDPR now will allow businesses to budget and prepare, taking manageable steps to ensure a compliant business environment that will help protect the company from the potential fallout of non-compliancy.”