The General Data Protection Regulation & The Duty to use Encryption

The General Data Protection Regulation, abbreviated to GDPR, raised a storm when it arrived. In reality, it merely tightened up on existing good practice according to digital security specialists Gemalto. The right to withhold consent and to be forgotten has always been there, for example. However, the GDPR brings a free enforcement service for consumers, thus avoiding the need for third party, paid assistance.

The GDPR Bottom Lines for Data Security
Moreover, the GDPR has penalties it can apply, of the order that might have a judge choking on his wig. Under it, data security measures such as pseudonymisation (substitution of identifying fields) and encryption (encoding including password protection) have become mandatory. Businesses must further respect their client data by:

a) Storing it in a secure environment supported by robust services and systems

b) Having proven measures to restore availability and access after a breach

c) Being able to prove frequent effectiveness testing of these measures.

The General Data Protection Regulation places an onus on businesses to report any data breaches. This places us in a difficult situation. We must either face at least a wrist slap upon reporting failures. Alternatively, pay a fine of up to ?10 million, or 2% of total worldwide annual turnover.

The Engineered Weak Link in the System
Our greatest threat of breach is probably when the data leaves our secure environment, and travels across cyberspace to an employee, stakeholder, collaborator, or the client themselves. Since email became open to attack, businesses and individuals have turned to sharing platforms like Dropbox, Google Drive, Skydrive, and so on. While these do allow an additional layer of password protection, none of these has proved foolproof. The GDPR may still fine us heavily, whether or not we are to blame for the actual breach.

How Hacking is Approaching Being a Science
We may make a mistake we may regret, if we do not take hacking seriously. The 10 worst data hacks Identity Force lists are proof positive that spending lots of money does not guarantee security (any more than having the biggest stock of nuclear weapons). We have to be smart, and start thinking the way that hackers do.

Hacker heaven is finding an Experian or a Dun & Bradstreet that may have shielded 143 million, and 33 million consumer records respectively, behind a single, flimsy cyber-security door. Ignorance is no excuse for them. They should simply have known better. They should have rendered consumer data unreadable at individual record level. The hackers could have found this too demanding to unpick, and have looked elsewhere.

How Data Encryption Can Help Prevent Hackers Succeeding
Encrypting data is dashboard driven, and businesses need not concern themselves about it works. There are, however, a few basic decisions they must take:

a) Purge the database of all information held without explicit permission

b) Challenge the need for the remaining data and purge the nice-to-haves

c) Adopt a policy of encrypting access at business and customer interfaces

d) Register with three freemium encryption services that seem acceptable

e) After experimenting, sign up for a premium service and be prepared to pay

Factors to Consider When Reaching a Decision
Life Hacker?suggests the following criteria although the list is a one-size-fits-all

a) Is the system fast, simple, and easy to operate

b) Can you encrypt hidden volumes within volumes

c) Can you mass-encrypt a batch of files easily

d) Do all other files remain encrypted when you open one

e) Do files automatically re-encrypt when you close them

f) How confident are you with the vendor, on a scale of 1 to 10

It may be wise to encrypt all the files on your system, and not just your customer data. We are always open to a hack by the competition after our strategic planning. If we leave the decision up to IT, then IT, being human may take the easy way out, and encrypt as little as possible.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Check our similar posts

Spend more to reduce costs?

It is becoming increasingly important to not to analyse energy consumption for all utility types, be it electricity, gas, water, heat, renewables, oil etc. The bottom line is both operational efficiency and utility costs monitoring. In the long run, these are management strategies designed to drive energy costs downwards as a continuous improvement cycle and as a measure of reducing carbon emissions.

It is also getting increasingly easier for organisations reduce energy use and achieve this goal using technology without having to “remember” to do it yourself. Organisations can never go wrong by investing in energy management software. There are varied software options to choose from depending on the organisational objective.
Some of the energy management objectives that organisations may need to meet are:

? Establishing baseline energy use

? Carrying out Energy audits

? Monitoring and measuring energy performance against the energy policies of an organisation and objectives

? Achieving energy certification
Energy management software?s come in handy when an organization wishes to achieve either of the above objectives.

Use of energy management software?s also assists organisations in measurement and verification of energy consumption as well as Monitoring and Targeting. Measurement and verification is where a company quantifies energy consumption beforehand (baseline energy use) and after energy consumption measurements are implemented in order to verify and report on the level of savings actually achieved.

Organisations that wish to verify the energy savings achieved by building retrofits can use energy management software?s. This is an important objective for companies that wish to either satisfy internal financial accounting and reporting requirements, or to meet the terms of third-party contracts for project implementation and management. Monitoring and targeting is also made easier by use of software. This is critical as a management technique, regardless of whether an organisation has specific facility retrofits in order to keep operations efficient and to monitor utility costs.
Overall, an investment in energy management software, is worthwhile in the achievement of management strategies designed to drive energy costs downwards as a continuous improvement cycle.

The General Data Protection Regulation & The Duty to use Encryption

The General Data Protection Regulation, abbreviated to GDPR, raised a storm when it arrived. In reality, it merely tightened up on existing good practice according to digital security specialists Gemalto. The right to withhold consent and to be forgotten has always been there, for example. However, the GDPR brings a free enforcement service for consumers, thus avoiding the need for third party, paid assistance.

The GDPR Bottom Lines for Data Security
Moreover, the GDPR has penalties it can apply, of the order that might have a judge choking on his wig. Under it, data security measures such as pseudonymisation (substitution of identifying fields) and encryption (encoding including password protection) have become mandatory. Businesses must further respect their client data by:

a) Storing it in a secure environment supported by robust services and systems

b) Having proven measures to restore availability and access after a breach

c) Being able to prove frequent effectiveness testing of these measures.

The General Data Protection Regulation places an onus on businesses to report any data breaches. This places us in a difficult situation. We must either face at least a wrist slap upon reporting failures. Alternatively, pay a fine of up to ?10 million, or 2% of total worldwide annual turnover.

The Engineered Weak Link in the System
Our greatest threat of breach is probably when the data leaves our secure environment, and travels across cyberspace to an employee, stakeholder, collaborator, or the client themselves. Since email became open to attack, businesses and individuals have turned to sharing platforms like Dropbox, Google Drive, Skydrive, and so on. While these do allow an additional layer of password protection, none of these has proved foolproof. The GDPR may still fine us heavily, whether or not we are to blame for the actual breach.

How Hacking is Approaching Being a Science
We may make a mistake we may regret, if we do not take hacking seriously. The 10 worst data hacks Identity Force lists are proof positive that spending lots of money does not guarantee security (any more than having the biggest stock of nuclear weapons). We have to be smart, and start thinking the way that hackers do.

Hacker heaven is finding an Experian or a Dun & Bradstreet that may have shielded 143 million, and 33 million consumer records respectively, behind a single, flimsy cyber-security door. Ignorance is no excuse for them. They should simply have known better. They should have rendered consumer data unreadable at individual record level. The hackers could have found this too demanding to unpick, and have looked elsewhere.

How Data Encryption Can Help Prevent Hackers Succeeding
Encrypting data is dashboard driven, and businesses need not concern themselves about it works. There are, however, a few basic decisions they must take:

a) Purge the database of all information held without explicit permission

b) Challenge the need for the remaining data and purge the nice-to-haves

c) Adopt a policy of encrypting access at business and customer interfaces

d) Register with three freemium encryption services that seem acceptable

e) After experimenting, sign up for a premium service and be prepared to pay

Factors to Consider When Reaching a Decision
Life Hacker?suggests the following criteria although the list is a one-size-fits-all

a) Is the system fast, simple, and easy to operate

b) Can you encrypt hidden volumes within volumes

c) Can you mass-encrypt a batch of files easily

d) Do all other files remain encrypted when you open one

e) Do files automatically re-encrypt when you close them

f) How confident are you with the vendor, on a scale of 1 to 10

It may be wise to encrypt all the files on your system, and not just your customer data. We are always open to a hack by the competition after our strategic planning. If we leave the decision up to IT, then IT, being human may take the easy way out, and encrypt as little as possible.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
How CRM-eCommerce Integration can help you Win a Price War

There are a number of reasons why more people are buying stuff online. One of the biggest is price. You can afford to sell your goods at cheaper prices on the Internet because you’re free of the usual operating expenses like rent, electricity, and staff salaries. That should translate to some nice savings, right?

No savings in a price war

Sadly, there?s one more thing that can drive your prices even lower: a price war. Just like in the brick-and-mortar world, a good number of online retailers are now trying to undersell each other. So even if they are able to achieve reduced OPEX, they would still find it difficult to make substantial savings.

What you need to understand is that, while price is a big motivator for buying online, it is no longer the only factor experienced online shoppers consider when choosing between two online shops.

Customers who buy purely on the basis of price, are very fickle. They can easily jump ship as soon as they discover another online store offering better discount. If what you’re looking for are repeating, loyal customers, you can’t make low prices your key differentiator.

Winning customer loyalty

Just like in the brick-and-mortar world, buyers will keep coming back to you if they find in your website true value for their money. There certainly are people who don’t just look at price tags when buying products from the Web. These folks are looking for the total package.

But other than affordable prices, what factors can win customer loyalty? You’re probably thinking a fresh user interface, multiple payment options, a good return policy, prompt delivery, reviews and testimonials, product comparisons, and so on.

Well, those are important too and you certainly should have those features and characteristics in place.

Meeting customers? needs through CRM-eCommerce integration

But there?s more you can do to enhance the customer?s experience on your site. Offering exactly the products they’re looking for and providing all relevant information they need when they need it, will give them a sense of belonging.

Since different customers have different desires you obviously would have to know your customers first before you can attempt to fulfil those desires. And, honestly, the only way to do that with accuracy and precision, and the only way to collect a significant amount of relevant customer information and make sense of it all, is by integrating CRM with your e-commerce platform.

Increasing Sales and Savings from integrating CRM into e-Commerce

The main benefit of integrating CRM with e-commerce is that it will help you enhance the customer experience. That’s cool but what does that translate to monetarily? Well, for one, that can significantly increase customer retention. Higher customer retention can only lead to increased sales in the long run.

As with regards to savings, if you are able to deliver exactly what your customers want, you can significantly bring down refunds and charge-backs.

Very few businesses have the financial resources to meet their competitors head on in a price war. Chances are, you’re not one of those few. Still, whether you like it or not you’re already in the thick of it. By building customer relationships, you can win the price war without engaging in it.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today