Are UK businesses secure?
Data is a business’ most valuable asset. The data businesses hold includes everything from customer and prospect information, financial data, marketing insights and much more. The data businesses have access is vital to their growth and success, as such it is vital that there are security measures in place to manage and protect the data they collect. Further to this, it is also now more important than ever for businesses to understand the sensitive data they collect and secure it from any form of breach due to the introduction of GDPR.
How concerned are people over the security of their data?
USB Makers recently conducted an independent study that suggests that most people are worried about their personal or financial data being hacked, 65% in fact, and yet 78% are not worried about there being a data breach within their business. So, is that because we are in less control of our personal data and more confident in the various encryption controls in place to avoid a breach of data at our place of work – especially since the introduction of GDPR in May 2018?
It’s been just over a year since the GDPR (General Data Protection Regulation) came into effect in the UK. Since it was launched, the ICO has recorded a rise in data protection complaints, which goes to show how important people take their data management and any potential abuse of it.
Is data security taken seriously?
On the run-up to the introduction of GDPR, many large companies hired consultants and specialized organizations to help them become compliant, spending almost £1 billion in the process. However, according to the independent study conducted by USBMakers.com, only 42.5% of respondents audited their data processes on the run-up to GDPR. What’s more, only 16.8% appointed a data protection officer, even though appointing a DPO is mandatory as they are held accountable for data management within their respective organizations and are required to report any data breaches that occur.
Data storage is also still an issue, with only 28% of the USB Makers survey respondents currently using the cloud when cloud technologies are more secure than storing data on-premise.
One of the biggest concerns people have surrounding cloud storage is loss of data rather than it being hacked. However, it is possible to use multiple systems to ensure your data is secure and backed up by using a sharing platform in unison with the cloud storage you opt for, which will track changes and store deleted data.
Further to this, 30.2% of survey respondents did not know whether they’d been hacked and are therefore open to potential risks. Since people are the greatest risk to data it’s more important than ever to ensure staff has a greater understanding of the rules and regulations of GDPR along with the associated risks to data.
Data security as a strategy
The number of complaints and reports will only continue to rise as data protection agencies scale up their inquiries and have increased resources available to them. It’s for this reason that businesses should consider creating data security strategies, which should include, firstly appointing their DPO and then reviewing their compliance and security regularly. What’s more, since people are the biggest security risk to data, all staff should be trained to be aware of how to properly input, monitor, manage and utilize data, as well as understanding how to discard data in the correct way depending on the company’s data storage policies.
Only by providing all staff with the necessary information are businesses able to minimize their risk to data, along with fines as part of GDPR, which can be up to 4% of annual global turnover or €20 million – whichever is greater.