The term ‘data breach’ has become a common phrase in recent years among both techies and business leaders. In 2017, the Data Protection Commissioner for Ireland (DPC), received 2,795 valid data security breaches, an increase of 26% compared to 2016.
Lately data breaches have become a big term in the media too, with the introduction of the new EU data protection act, GDPR. The new legislation requires that all organisation must admit to a data breach if it occurs and depending on the conditions can be delivered fines of up to €20m or 4% of annual turnover.
This is a fine that no business wants to receive! However, can you stop a data breach from occurring? While there’s no fool-proof technology that can 100% prevent a data breach from happening there are definite ways to reduce the chance and secure your business.
What is a data breach:
A data breach can basically be described as an intentional or unintentional release of secure or private/confidential information to an untrusted environment.
What causes a data breach:
Several factors can cause a data breach. Let’s go into the top four reasons a data breach occurs in an organisation:
This is a top cause of data breaches in organisations. In 2017 alone, over 80% of data breaches recorded were as a result of unauthorised disclosure. This means when data is released without authorisation of the individual.
Not all unauthorised disclosure are accidental. With some employees either misusing their authority to access personal data or with disgruntle employees releasing data to get back at an employer.
Loss or Theft:
Is the third biggest threat. This is normally as a result of an employee losing an unencrypted device with personal data on it.
This is when an unauthorised source tries to access your computer system by exploiting faults in it. Giving them access to steal your data.
This is software specifically designed to disrupt, damage or gain authorised access to a computer system. Malware includes any viruses, spyware, Trojans, worms and ransomware. Security issues made up 146 of the DPC breach notifications in 2017.
What should you do if a data breach occurs within your company?
- You must report any personal data breaches to the relevant supervisory authority, if the breach presents a risk to the affected individuals.
- You must do this within 72 hours.
- You must inform the affected individuals if the breach is likely to result in a high risk to the individual (credit card details, healthcare details etc…)
- You should have a high-quality risk management process and robust breach detection, investigation and reporting process.
- If there is no risk to affected individuals you must keep an internal record detailing – the means for deciding there was no risk, who decided there was no risk, who decided there was no risk and the risk rating that was recorded.
- To find out more check out the DPC’s website.
How can you prevent a data breach?
Like we said in the first paragraph there is no way to complete 100% secure your company from a data breach. However, Typetec is here to get you to the 99% mark.
With the top reason for data breaches being human error in the DPC’s report, making sure employees are security educated is essential. We offer security training to employees to give best practice and advice on how to stay protected. Additionally, we can also offer an online GDPR training course to make sure employees are up to date on the responsibilities that lie with them through the new data protection act.
To cover any loss or theft we’ve developed a solution with the leading device management vendor, Cisco Meraki. It provides you with a unified solution where you can manage all devices and networks from one centralised dashboard. Allowing you to enforce device security policies, deploy software and apps as well as remotely lock and erase devices that are lost or stolen.
Finally, for security risks like hacking and malware, we offer solutions that ensure your IT systems and data are fully protected and secure whether your data is in the cloud or on premise.
To find out more about all our security solutions get in touch!