Nowadays we live in a world where technology is developing rapidly and personal data security is a big concern as we all become more connected. As companies collect and analyze far greater volumes of sensitive data, it is more important than ever to ensure that data is safeguarded and secured.
Data protection legislation will fundamentally change in May 2018 with the introduction of the General Data Protection Regulation (GDPR), where companies across all EU member states will need to demonstrate systems and processes that document and ensure data security or face crippling monetary penalties.
High profile data breaches are sadly now commonplace – even institutions such as the NHS have fallen victim in recent times, with hackers using a variety of techniques to gain access to millions of sensitive patient records through system flaws and poor processes. Further, large companies such as Yahoo, Bank of Scotland, and Three have all been caught out with data breaches in the last few years.
Most common cyber-crime techniques
Techniques used by hackers are changing rapidly and becoming more sophisticated. Below are just a few examples of common practices in place today:
- Voice phishing (“Vishing”) – A new form of cyber-crime where the victim is coerced to give up credit card and other sensitive data over the phone. Incoming call numbers are spoofed to look like, for example, banks or reputable companies. Tip – Never give out your card information, PIN number, or any other sensitive data over the phone.
- Email spoofing – A very common technique is creating very realistic looking emails, designed to look and function almost identically to those from reputable organisations such as Apple or Amazon. The emails ask recipients to click links to, for example, install viruses and malware, or enter their personal information. Tip – do not click on emails you do not recognise, and be vigilant against any strange emails arriving in your inbox.
- Crypto-locker (also known as “ransomware”) – Similar to the NHS case, this nasty software locks and encrypts your important data, offering users the opportunity to retrieve the data in exchange for a monetary payment. Tip – always have a separate data backup and keep antivirus software up to date.
The golden rule – data security is EVERYONE’S RESPONSIBILITY
Key to a successful data security process is the ethos that this is everyone’s responsibility and accountability. No longer should the security of data be delegated to an IT team or 3rd party supplier. All staff should be bought into the concept of secure data management and keep this at the forefront of everything they do. This philosophy combined with solid systems and processes makes it far more unlikely that a company will suffer a data or system breach.
Steps you can take now to ensure data security
Dynamic Edge are data security specialists and can assist you in safeguarding your systems and processes, for example:
- Perform a data audit
- Evaluate systems and data security processes
- Provide vigilance training
Chat with us today about how we can help you and your staff stay one step ahead with data security.