The average employee will receive 121 emails throughout their working day. That is 121 potential threats to information security and compliance as it is estimated that 45 per cent of employees have accidentally shared or received (unauthorised) sensitive information in emails. In today’s post-GDPR environment, organisations need to be conscious of how they handle data as the risks have increased significantly. For example, simply receiving unwanted or unauthorised data via email could result in a €20 million fine for the organisation. New rules under GDPR stipulate that unauthorised access to personal data must be reported to a data protection regulator, as the information could have a detrimental impact on both the business, as well as the individual concerned. Therefore, if employees receive emails that contain sensitive information and disregard the email without deleting or reporting the occurrence, the whole firm is liable for irresponsible data handling. While it may … [Read more...] about Avoid a €20m fine by improving email security
Six months on from its introduction, the GDPR has done much to shake up the way organisations collect, secure and use people’s personal data. However, while the ambitious legislation has succeeded in many of its original goals, there are other objectives which may be longer in the making. On the positive side, the GDPR has certainly achieved its primary aim of harmonising data protection laws across the European Union. Similarly, it has also successfully overseen sweeping modernisation, brought data laws up to date, and made them fit for purpose. However, the GDPR has yet to truly change the culture around data privacy and security. This is perhaps the greatest challenge, and it means overcoming the longstanding attitude that data protection is not a significant business risk nor a particularly important business priority – an attitude that has been ingrained over many years. As a result, many organisations have failed to understand the significance of the GDPR and what it … [Read more...] about The biggest GDPR mistakes six months on
The European General Data Protection Regulation (GDPR) legislation has now been in effect since the end of May. The challenge for companies, which now store more confidential information, is to manage the new complex regulations that GDPR has brought into play. Since GDPR was first introduced on 14 April 2016, businesses have had two years to iron out data mishaps, and to ensure they were ready for when the legislation came into effect, to avoid any hefty fines for failing to comply. In fact, businesses that haven’t complied face fines of up to €20 million. However, the arrival of this legislation has proved complex to navigate, with many different factors for businesses to consider. For data centres, this legislation adds just another challenge amongst the security risks, client pressures and environmental impact data centres face on a daily basis. For example, one particular risk data centres face in the current cyber landscape is the … [Read more...] about The data dilemmas CIOs face post GDPR deadline
Civil rights group Privacy International has cried foul play to European data protection watchdogs, saying seven companies are gathering user data under suspicious circumstances and no one is looking into it. And no one is looking into it because the seven companies are ‘not household names’, it says. The complaint names Acxiom, Oracle, Criteo, Quantcast, Tapad, Equifax and Experian as being the companies that exploit the data of millions of people, without any analysis of whether their practices meet strict GDPR standards. "GDPR sets clear limits on the abuse of personal data," said legal officer Ailidh Callander. "PI's complaints set out why we consider these companies' practices are failing to meet the standard – yet we've only been able to scratch the surface with regard to their data exploitation practices. GDPR gives regulators teeth and now is the time to use them to hold these companies to account." The Information Commissioner's Office reacted, saying it had issued … [Read more...] about Privacy International points finger at seven companies for data gathering
It’s six months since the General Data Protection Regulation (GDPR) came into effect, and it’s fair to say that it has been viewed as a headache for many organisations. This strict legislation brings greater accountability into how firms process, store and secure their data. The problem is that many hold their data in multiple locations and, worryingly, some don’t even know where or how all of their data is stored. Complying with the GDPR, then, becomes extremely difficult. But the regulation isn’t going away – it’s a necessity that all businesses must adhere to. Moreover, the GDPR affects every department in the organisation that holds data, from sales and marketing through to finance, HR, procurement and IT. Compliance can’t be left to the legal experts alone. Achieving GDPR readiness requires everyone to reliably streamline all personal data held in various documents and emails held across disparate systems, network folders, and even those … [Read more...] about Can automation help businesses comply with the GDPR?