We recently conducted an independent study that suggests most of the general population are worried about their personal or financial data being hacked, 65% in fact, and yet 78% are not worried about there being a data breach within their business. So, is that because we are in less control of our personal data and more confident in the various encryption controls in place to avoid a breach of data at our place of work – especially since the introduction of GDPR in May 2018?
Keeping to GDPR guidelines
In the same survey, over 40% of business professionals said they had audited their data processes to become GDPR compliant, to ensure that people’s personal details could not be misused. However, more than 45% had done neither this or hired a GDPR specialist or appointed a data protection officer. So, when we register our details with a business now, how do we know that our details will only be used in accordance with what we have been asked and that our information will not be passed on or misused. Quite simply, we don’t, so you could continue to receive emails, texts, and telephone calls from businesses with whom you have not had any dealings for at least a year or more. You are however within your rights to refuse their communication or click a link on their email/text to unsubscribe from their mailing list.
GDPR has been put in place to limit the options available as to how businesses can contact you and help people worldwide feel a little more secure about how their personal information is being used. Having said that, nearly 20% of people who had ever experienced a breach of their data said it was via phishing emails, and even since the introduction of GDPR, that figure is still at 14.8%. So perhaps over time, the more people who unsubscribe or the more companies that adhere to the implemented rules, the further this figure should reduce on all fronts including employee error, cyber-attack, ransomware, and physical theft.
The guide to GDPR contains information about consent, an explanation of rights under GDPR, descriptions of special categories and criminal offense data, and guidance on protecting children’s data. If you are unsure what requirements you need to comply with within your organisation, then this is a good place to start.
BBC Watchdog reveals the ‘Dark Web’
You may have seen this month that BBC Watchdog revealed how valuable our personal details are to scammers and what the average sale price of them is on the dark web. Companies like Apple, Deliveroo, DLVA as well as credit card companies and banks are having their information scammed and thieves will pay a variation on prices to glean that information from the scammers. Your financial information could be bought for an average of £1025.99 and Paypal accounts are often one of the biggest victims because your account can be linked to numerous bank accounts and credit card information. It was revealed how two-factor authentication is vital, which many businesses now have in place to ensure you are who you say you are and that with Paypal you can set this up straight away here.
Remote storage and security
To reduce the probability of data breach and the risk of fines, companies can choose to use encryption of personal data because of the number of cyber-attacks that are fairly unavoidable for those who rely on databases to increase brand awareness, fulfill sales targets, and hopefully grow their business organically through social media and word of mouth. In a nutshell, encryption relates to the procedure that produces readable text from a hashed code that was converted from the original clear text. Ensuring that data you store cannot be read by other mediums if hacked and that your business or user has the code to unravel the information again. Around 30% of businesses use the iCloud for off-site and mobile storage; a model that can be increased in size at any given time, that is protected and backed up, and will cost a certain amount a month depending on how much storage you want and need in nominated increments. Alternative resources are locally on your desktop, on an external hard drive, or via a paper within files in your office but there are others too. iCloud quotes that they use industry-standard security technology and employ strict policies to protect your information. They believe they are leading the industry by using end-to-end encryption for your data with TLS 1.2.
There is also Google Drive which allows you to save data and share it with others, much like an in-house hard drive. Google claims that your file security is crucial and no matter what happens to your computer, tablet, or smartphone, every file will be safe in drive and is encrypted using SSL; just like Gmail and other Google services.
And, if you are constantly on the move, how can you safely transport data if you haven’t got access to a Cloud-based data system or are wanting to send out encrypted information to the right recipients and safeguarding it if the USB stick falls into the wrong hands? At USB Makers, we have a selection of branded USB sticks that are enabled with memory stick password protection, allowing an AES 256-bit XTS encryption, 100% hardware encryption, and plug & play simplicity which are PC and Mac compatible and anti-brute force attack. With memory sizes ranging from 128MB to 64GB, then there is a wealth of space to load an array of data onto, and is almost endless. Check out the range of encrypted drives here