Data protection – how compliant are you, really?

Rebecca Edwards

Product Marketing Manager at Redgate Software

15.11.2018 10:15 am

The way we do business has evolved. Looking back just 30 years, we can agree that the way we stored business-critical information was archaic by today's standards. In modern business, we rely on technology for much of our organization’s needs, but this relationship with technology is not without its risks.

It’s easy to believe that by having antivirus or antimalware solutions in place we’re protected, but compliance is more than cyber security: it involves a shift in the way business is done.

 

Welcome to the new world of data compliance

With the introduction of the General Data Protection Regulation (GDPR) earlier this year, the conversation around data protection was sparked. The GDPR was introduced to replace outdated data privacy laws across Europe and provide greater scope and tougher penalties for those who fail to comply.

Companies that have neglected to protect personal data have been thrown into the spotlight of the news channels and our social media feeds, with Facebook, Cambridge Analytica and Under Armour among the most well-known. The consequences of these breaches are bigger, resulting in not only large fines but also the possibility of jail time, depending on the applicable regulation. Arguably, some of the biggest damage is to your brand and to how consumers continue to see you. While the fines may be the initial impact, the fallout afterwards can be the most damaging.

The flurry of activity surrounding the GDPR has also led to many more regulations springing up, including New York’s Stop Hacks and Improve Electronic Data Security Act (SHIELD) and the California Consumer Privacy Act (CCPA).

Data protection is not a new concept, however, and legislation like Sarbanes-Oxley (SOX) and the Health Insurance Portability and Accountability Act of 1996 (HIPAA) has been around for years. SOX came about directly as a result of the infamous accounting scandals of Enron, WorldCom, Tyco and others. The impact of these scandals, which damaged the financial markets themselves and jeopardized investor trust, offers a key insight into the power of data.

The GDPR was not created as a result of a headline-grabbing data breach, but rather simply because the world of data in business is evolving, and so must we.

 

The strengths and weaknesses of data

As the volume of data continues to grow, organizations are continuing to seek ways to extract more value from it. Understanding data and using it correctly can guide companies to greater growth, but the misuse of data can, as we have seen previously, lead to the collapse of an entire business. So is the potential payoff worth taking the risks associated with handling data? Absolutely. But in taking this on, we must acknowledge the well-known quote: “With great power comes great responsibility”.

Organizations are responsible for protecting the data of their customers, and this doesn’t just mean from external threats. One of the biggest blind spots for businesses is internal security. Hackers and phishing scams may be at the forefront of your mind when thinking about data breaches, but a large proportion of data exposure actually comes as a result of an internal error or attack.

In order to provide full coverage, it is the responsibility of businesses to identify gaps in security and highlight weak points and possible risk factors. Consumers are demanding more and are getting wiser to their rights over their personal information, and it’s up to organizations to put practices in place to address these.

 

Knowledge is power

In order to reap the rewards of data, it’s crucial to understand what’s required of you as an employee and as a business in terms of regulatory demands. It is no longer acceptable to be reactive when it comes to dealing with data security. It's too late once we are dealing with the immediate fallout or minimizing the reach of a breach. We must take a proactive approach to handling and protecting our data.

The first step in doing so is getting wise to the relevant legislation. Being familiar with data laws is no longer restricted to the lawyers. If you interact with data or are responsible for it, then you should not have to wait for instruction to come from higher up. Take the initiative and do your research. Revisit your own systems and processes and ask if they are fully compliant.

Microsoft MVP Grant Fritchey recently wrote a free-to-download whitepaper for Redgate Software which unpicks legislation for the data professional, providing insight and guidance into how best to approach data compliance. If you want to find out how compliant you really are with data protection regulations, it could be a good place to start.

Redgate Software makes ingeniously simple software used by more than 800,000 IT professionals and is the leading Microsoft SQL Server tools vendor. Redgate's philosophy is to design highly usable, reliable tools which elegantly solve the problems database developers and DBAs face every day, and help them to adopt compliant database DevOps. As a result, more than 100,000 companies use products in the Redgate SQL Toolbelt, including 91% of those in the Fortune 100.
