Following last week’s Data Privacy Day, an industry spotlight has been placed on the topic of data privacy. This is especially important as the shift towards remote working and an increased reliance on digital services continues into 2021 – today, data privacy and security is more crucial than ever. In light of this, four industry experts share their advice on the topic.
Gus Tomlinson, General Manager at GBG:
“In today’s increasingly digital society, data is a driving force. Our identities are now shaped by a complex set of data points, each of which are vital in keeping the wheels of commerce turning. They create digital trust, allowing people to access services safely and remotely, without opening the floodgates to fraud.
“However, with this increased reliance on data comes the debate around data privacy. Our recent research found that 33% of the public now believe their personal information is currently available for sale online, highlighting a dip in consumer trust when it comes to their personal data. What’s more, 1 in 3 have become more worried about fraud, as a result of the pandemic and the uptick in COVID-19 related scams. This ‘trust gap’ therefore poses a real risk to businesses, and even entire sectors. If they get the data privacy balance wrong, they’ll lose trust – and therefore customers – for good.
“Ultimately, organisations need to be transparent with consumers about how their data is used. Improving data education for consumers and within businesses will help to ensure that data privacy standards are maintained, and that contextual, connected identity intelligence is a safe, secure layer in our post-digital world.”
Shakeel Ahmad, Director of Security Consulting, NTT:
“The power of data is evolving at an unprecedented rate. We don’t have to look far for examples of its positive and negative use – and, in turn, its ability to change our daily lives. As a result, our approach towards its ownership is shifting. Across the world, governments and businesses are changing their working practices, and in some cases, their entire business models to ensure data is handled safely and ethically.
“Organisations are faced with numerous challenges when it comes to storing, verifying and securing data, while making sure it can be monetised it for profit. Data can now be stored in a variety of ways, through new and existing tech such as customer-owned centralised PODs. Meanwhile, data verification and security is under increasing scrutiny as misinformation, deep fakes and fake news continue to spread across the internet at an alarming pace.
“Ultimately, establishing good data practices is everyone’s responsibility. However, it’s vital that large enterprises lead by example, supporting their customers with solutions and advice for effective data management and security.”
Richard Montbeyre, Chief Privacy Officer (DPO) at BMC Software:
“In the past year, Covid-19 has had a major impact on privacy and security. With vast majorities of the workforce now logging on to enterprise systems remotely, businesses must maintain confidentiality and ensure that the company is protected from unauthorised access. Replicating a secure environment for remote working devices has therefore become crucial to protecting an autonomous digital enterprise’s assets – such as creating containers within devices that meet company security standards, allowing employees to safely access enterprise systems with personal devices. Technical means, including VPNs and multi-factor authentication, can also help to protect devices at home, while services and tools such as reporting tools, help lines, and escalation mechanisms, can support employees when it comes to data security. With these adaptive cybersecurity measures in place, any vulnerabilities, breaches or hacks can be detected almost as quickly as if everyone was working in the office.
“Ultimately, having strong, adaptive security practices in place can ensure the company’s data privacy is optimised and all sensitive enterprise data is securely stored.
“Unfortunately, employees often feel less bound by company security and data protection policies when not in the office – however, it’s vital that they stay vigilant. Having the right awareness training in place can help improve data security and help employees recognise attacks that target individuals, such as phishing attempts. With a combination of technical measures and situational training, employers can keep awareness levels high and transform the capabilities of remote employees to ensure they still comply with data privacy regulations while working from home.”
Ramsés Gallego, International Chief Technology Officer, Micro Focus:
“Faced with a constantly evolving threat landscape, made even more complex by a rising number of cyber-attacks amid the global pandemic, organisations are under more pressure than ever before to keep their data safe and comply with regulations such as the GDPR.
“The mass move to remote working last year led to a number of significant challenges for businesses, from procuring the right hardware for employees to enabling remote access via the cloud. While this acceleration to a digital-first approach should be looked at positively, the resulting distributed infrastructure has created new attack vectors for cybercriminals – and, in turn, a greater potential for damaging data breaches.
“Within this new reality, becoming cyber resilient is a business necessity. Organisations should make extensive plans to effectively prepare for, respond to and recover from cyber threats. This involves implementing advanced analytics tools and frameworks to help teams identify emerging threat vectors and attack patterns. It also means critically evaluating established security concepts. Traditional perimeter-based approaches are no longer holding up, so factoring in application security and identity governance processes and tools is crucial for safeguarding sensitive information regardless of where it‘s stored.
“By remaining vigilant and using next generation security technology, organisations can ensure they are in the best position to protect their entire IT ecosystem against data breaches. Ultimately, building a roadmap to cyber resiliency is vital for long term success.”