The General Data Protection Regulation & The Duty to use Encryption

The General Data Protection Regulation, abbreviated to GDPR, raised a storm when it arrived. In reality, it merely tightened up on existing good practice according to digital security specialists Gemalto. The right to withhold consent and to be forgotten has always been there, for example. However, the GDPR brings a free enforcement service for consumers, thus avoiding the need for third party, paid assistance.

The GDPR Bottom Lines for Data Security
Moreover, the GDPR has penalties it can apply, of the order that might have a judge choking on his wig. Under it, data security measures such as pseudonymisation (substitution of identifying fields) and encryption (encoding including password protection) have become mandatory. Businesses must further respect their client data by:

a) Storing it in a secure environment supported by robust services and systems

b) Having proven measures to restore availability and access after a breach

c) Being able to prove frequent effectiveness testing of these measures.

The General Data Protection Regulation places an onus on businesses to report any data breaches. This places us in a difficult situation. We must either face at least a wrist slap upon reporting failures. Alternatively, pay a fine of up to ?10 million, or 2% of total worldwide annual turnover.

The Engineered Weak Link in the System
Our greatest threat of breach is probably when the data leaves our secure environment, and travels across cyberspace to an employee, stakeholder, collaborator, or the client themselves. Since email became open to attack, businesses and individuals have turned to sharing platforms like Dropbox, Google Drive, Skydrive, and so on. While these do allow an additional layer of password protection, none of these has proved foolproof. The GDPR may still fine us heavily, whether or not we are to blame for the actual breach.

How Hacking is Approaching Being a Science
We may make a mistake we may regret, if we do not take hacking seriously. The 10 worst data hacks Identity Force lists are proof positive that spending lots of money does not guarantee security (any more than having the biggest stock of nuclear weapons). We have to be smart, and start thinking the way that hackers do.

Hacker heaven is finding an Experian or a Dun & Bradstreet that may have shielded 143 million, and 33 million consumer records respectively, behind a single, flimsy cyber-security door. Ignorance is no excuse for them. They should simply have known better. They should have rendered consumer data unreadable at individual record level. The hackers could have found this too demanding to unpick, and have looked elsewhere.

How Data Encryption Can Help Prevent Hackers Succeeding
Encrypting data is dashboard driven, and businesses need not concern themselves about it works. There are, however, a few basic decisions they must take:

a) Purge the database of all information held without explicit permission

b) Challenge the need for the remaining data and purge the nice-to-haves

c) Adopt a policy of encrypting access at business and customer interfaces

d) Register with three freemium encryption services that seem acceptable

e) After experimenting, sign up for a premium service and be prepared to pay

Factors to Consider When Reaching a Decision
Life Hacker?suggests the following criteria although the list is a one-size-fits-all

a) Is the system fast, simple, and easy to operate

b) Can you encrypt hidden volumes within volumes

c) Can you mass-encrypt a batch of files easily

d) Do all other files remain encrypted when you open one

e) Do files automatically re-encrypt when you close them

f) How confident are you with the vendor, on a scale of 1 to 10

It may be wise to encrypt all the files on your system, and not just your customer data. We are always open to a hack by the competition after our strategic planning. If we leave the decision up to IT, then IT, being human may take the easy way out, and encrypt as little as possible.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Check our similar posts

Field Service Organisations should use Digital Forms

For many Organisations, making use of paper based forms, is a common practice and method for collecting data and recording transactions. Whether it be for producing Quotations, Invoices or even getting sign off on completed jobs.

Paper based forms and documents have been the main stay of office communication and productivity for over 200 years. Paper-based forms are used to create anything from Invoices, Receipts, Purchase Orders, Contracts to the humble internal memo!

Paper-based forms radically improved productivity, efficiency and compliance by enabling people to create paper based instructions and enabling others to add additional information as required.

Over the past 3 decades or so, modern business environments have gradually been evolving towards the concept of the Paperless Office, resulting in the humble Paper based document migrating to a Digital Counterpart. The ease of availability of various Word Processing and Spreadsheet software products and cheap and easy data storage capacity have resulted in the Proliferation of thousands if not millions of files and documents being stored somewhere on the Company’s IT infrastructure.

People often create Digital Templates of forms that may be printed off and supplied to staff to complete using Pen and Paper or electronically. The data collation and reporting is often process

Often when conducting Operational Reviews, it is commonly found that the processing and analysing paper based forms is the least productive, efficient and profitable areas of business, although it is often vitally important.

Benefits of using digital forms for data collection

The ability to collect and analyse data effectively is increasingly important to businesses. Companies gather, examine, process and build reports on large volumes of data. Traditionally, they have deployed mail surveys, telephone interviews, door-to-door interviews as methods to collect information. With the ongoing digitisation, these procedures have become old fashioned.The digital transformation is changing many business operations at a high speed and a great deal of processes that were executed manually are now accomplished using digital methods.

Technology has had a major impact on how to approach data research and has provided researchers new tools that have transformed and improved data collection and analysis. The pace of change requires companies to be able to react quickly and adapt themselves to changing demands from customers and market conditions.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
Malware

In the past, viruses were created with the sole purpose of wreaking havoc on the infected systems. A large fraction of today’s malware, on the other hand, are designed to generate revenues for the creator. Spyware, botnets, and keyloggers steal information from your system or control it so that someone else can profit. In other words, the motivation for making them is now more attractive than before.

Keyloggers can reveal your usernames, passwords, PIN numbers, and other authentication information to their creators by recording your key strokes. This information can then be used for breaking into various accounts: credit cards, payment programs (like PayPal), online banks, and others. You’re right, keyloggers are among the favourite tools of individuals involved in identity theft.

Much like the viruses of old, most present day malware drain the resources, such as memory and hard disk space, of contaminated systems; sometimes forcing them to crash. They can also degrade network performance and in extreme cases, may even cause a total collapse.

If that’s not daunting enough, imagine an outbreak in your entire organisation. The damage could easily cost your organisation thousands of euros to repair. That’s not even counting yet the value of missed opportunities.

Entry points for malware range from optical disks, flash drives, and of course, the Internet. That means, your doors could be wide open to these attacks at this very moment.

Now, we’re not here to promise total invulnerability, as only an unplugged computer locked up in a vault will ever be totally safe from malware. Instead, this is what we’ll do:

  • Perform an assessment of your computer usage practices and security policies. Software and hardware alone won’t do the trick.
  • Identify weak points as well as poor practices and propose changes wherever necessary. Weak points and poor practices range from the use of perennial passwords and keeping old, unused accounts to poorly configured firewalls.
  • Install malware scanners and firewalls and configure them for maximal protection with minimal effect on network and system performance.
  • Implement regular security patches.
  • Conduct a regular inspection on security policy compliance as well as a review of the policies to see if they are up to date with the latest threats.
  • Keep an audit trail for future use in forensic activities.
  • Establish a risk management system.
  • Apply data encryption where necessary.
  • Implement a backup system to make sure that, in a worst case scenario, archived data is safe.
  • Propose data replication so as to mitigate the after effects of data loss and to ensure your company can proceed with ‘business as usual’.

Once we’ve worked with you to make all these happen, you’ll be able to sleep better.

Other defences we’re capable of putting up include:

Recognizing Your Carbon Footprint

Countless times we have heard of the term ?carbon footprint?. Perhaps we have seen and heard it on TV or read it in newspapers, magazines and published articles. Indeed, it has been an expression familiar to everyone as it is always associated with climate change, carbon emissions, global warming, pollution and other environmental issues. Carbon footprint is real. It exists and, in fact, continues to affect the world we live in.

Defining Carbon Footprint

Two essential words comprise the term carbon footprint. Fundamentally, ?carbon? means the carbon dioxide circulating in the atmosphere. It is also the general word used for other greenhouse gasses emitted into the air. On the other note, ?footprint? refers to impact or effect.

Think about the footprints people leave on the beach sand upon walking on the shore. That is exactly what carbon footprint is like. It’s about the impact humans leave on the earth in the form of carbon dioxide and other greenhouse gases.

Calculating Your Personal Carbon Footprint

The food we eat, products we use, vehicles we ride on and electricity we consume emit carbon dioxide. In fact, our activities, lifestyle, homes, and countries contribute to climate change. And carbon footprint is the best estimate we can get of the full impact our doings affect the earth. It quantifies the amount of our carbon emission. With this, knowing how to calculate your personal carbon footprint is important.

There are various standards in calculating one?s carbon footprint. There is the so-called ?lifestyle assessment? and the input-output analysis. Lifestyle assessment works by adding up all the feasible emission pathways while the input-output analysis involves determining the total emissions of a particular country, dividing it by the carbon-emitting sectors and estimating the overall emissions of each sector. The input-output analysis makes sure that no emission pathway is missed out.

Calculating your carbon footprint manually is an effective way for you to understand your emissions better. You just need a lot of patience to learn how each footprint is generated. Moreover, there are also several resources online that can help you calculate your carbon footprint. Online carbon calculators are abundant across the web. To make your life simpler, you can opt to try those online calculators and easily determine your carbon emissions. However, such calculators vary in scope. So make sure that the online carbon calculator, you choose, is one that?includes emissions both direct and indirect.

Avoiding Toe Prints

A toe print is a portion of a footprint. Sometimes, people are misled in their calculations because they only get a carbon toe print instead of a footprint. The idea is that, you should cover a smart scope of your carbon emissions. Not only measuring a portion, but the whole.

Say for example, running a conventional car. The carbon emitted from the car is not only the fuel combustion from the diesel or petrol.? Likewise, the carbon released as the gas was processed and transported to your nearby gasoline station is also an addition to your carbon footprint. If you do not understand this, you will end up calculating your direct emissions while neglecting the indirect ones.

Be wise in calculating your carbon footprint. And when in doubt, whether you are an individual or a business entity, you should seek help from experts who can do it right.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today