"Theres no better time than Data Protection Day for businesses to be prioritising taking action against data breaches. "
Scott Bordoni, Data Protection Lead at Sync GBM
Technology over the past few decades has become an increasingly integral aspect of the workplace. Businesses rely on technology to be connected at all times and conduct work effectively. However, when these lines of communication are threatened or even compromised, it can have a disastrous effect.
One of the most high profile cyber attacks came when telecoms giants, TalkTalk, had its personal details hacked in 2015, which resulted in a record fine of £400,000 for the security failings. Similarly, Three Mobile was also victim to a cyber attack which saw more than 200,000 people’s information exposed.
However, it’s not just big businesses who need to worry about data protection leaks. No business is too small to be at risk of an attack. Last year, SME Boomerang Video was fined £60,000 for leaving itself vulnerable to hack attacks, and other SMEs, such as software company PCA Predict, have experienced cyber attacks in recent years.
These examples are the tip of the iceberg and emphasise the need for businesses to protect data from malicious attacks with strong security, especially with January 28th marking Data Protection Day.
Data leak protection
The number one way that businesses can ensure their data is protected from any leaks is by limiting the amount of personal information available in the public domain.
Other ways personal risk of exposure can be minimised is by setting up a ‘burner email’, which is essentially a dummy email account that can be used when signing up for a site or service you don’t want to give a real email address too. The bonus of a burner email is it can be set up so that any replies are forwarded automatically onto the real email address, but it gives the security that an email address isn’t being shared around.
If you’re concerned their email account may have been compromised, there is an online tool called ‘Have I been Pwned’ which allows users to search across multiple data breaches to see if an email address has been compromised.
Ransomware attacks have risen in prominence with the prevalence of cloud services for storing data. There seems to be a misconception that storing data in the cloud is much safer and more secure than your computer’s hard drive.
To protect against ransomware attacks, you should ensure that valuable data is backed up in multiple places. This shouldn’t be limited to cloud services, but also locally and on a portable hard drive.
It’s also important that a business keeps its antivirus software updated at all times, and that you have a specific ransomware protection software that can adequately protect against an attack. One option is the Intercept X by Sophos which uses deep learning malware detection to safeguard against the widest range of attacks, and also supports existing security or antivirus software.
To ensure you don’t become victim to a phishing scam, businesses should avoid opening or responding to unexpected emails which ask for personal information. This can also be supported by not posting too much personal information online, as an opportunist scammer can (and may) use this information to convince of their legitimacy when getting in touch.
Impact of a data breach
With the recent implementation of GDPR last year, any breaches have to be reported to the ICO (Information Commissioner's Office). As a result, the fines have dramatically increased which could also mean the average cost of data breaches rise even further in the coming years. The impact of a data breach since the introduction of GDPR can also be greater with the ICO being able to stop a business from processing data in the future.
There’s no better time than Data Protection Day for businesses to be prioritising taking action against data breaches.
To find out more about Sync, please visit www.sync-store.co.uk.