Protect your Data
The team from ESET
brought us through an outline of incoming Legislation and what we could expect to see from an individual perspective, along with company requirements with regard to Data Protection. Any information deemed ‘Personally identifiable’ will be subject to review and should be handled internally with due diligence adhering to incoming laws around individual’s privacy.
David (ESET) provided some advice on protecting your data:
- Data classification
- Implement data loss prevention solutions
- Data Encryption
- Define Data Responsibility in contracts
On May 4th 2016, formal EU approval of the legislation was reached, with May 25th 2018 seeing GDPR Data Protection laws come into force across all EU States, with non-compliance leading to fines of up to €20m or 4% of Annual Turnover.
One of the reasons many businesses seem unprepared for GDPR is that they don't know enough about the data they hold. It is critically important to appreciate the impact of this change, and to understand that this is a Regulation and not a Directive. Having a comprehensive understanding of your responsibility to provide policy around your use and retention of data is critical.
Research from the Ponemon Institute reveals that 64% of Data Breaches are avoidable:
35% - Negligent employee or contractor
29% - IT & Business process failures
36% - Malicious
Recent headlines on malicious software attacks and ransom demands on companies is a specific area of concern, not only for your access to data, but your Data Protection measures to protect your organisation.
How to protect yourself?
Before you get infected:
- Back up your data
- Show file-extensions hidden by default in Windows
- Filter executable (*.exe) files in your e-mail
- Use a reputable security software suite
- Patch or update your software
- Disable remote desktop protocol
If you are suspicious:
- Disconnect from the internet if you think you’ve been infected
- Use system restore
- Set the BIOS clock back
- And – in particular – don’t pay.
Morgan McKinley are hosting an information session for clients around GDPR on Thursday 13th July. More information can be found here