2017 was a year of cyber threats, old and new. The continual evolution of these threats means that now, more than ever, businesses must ensure their data is secure. Data Protection Day is on 28th January and aims to educate and bring awareness to the importance of cyber security and data protection. Here are some IT experts’ views on the topic.
Tom Harwood, CPO and Co-Founder at Aeriandi:
“Having good data protection doesn’t just mean deploying the most stringent technologies. Companies also need to ensure customer data is protected from the insider threat. For example, many businesses either operate or outsource to a contact centre. A sure-fire way of eliminating the insider threat here is by making sure payment details never enter the contact centre environment. This removes the potential for both malicious and non-malicious threats. Criminals cannot steal sensitive data and employees are not required to manage customer payment details. Instead of relying on employees to handle this sensitive personal information, payments are routed via a secure payment platform. This means that agents can see the transaction is taking place but crucially have no visibility of customer data. With no sensitive data taken, processed or stored on site, the insider threat is completely removed. Agents are protected against potential criminal coercion and human error, whilst customers know their data is safe at all times. It’s a win-win.”
Mat Clothier, CEO, CTO and Founder at Cloudhouse:
“An element to data protection that is often overlooked is the need to run up-to-date operating systems. Security best practice will always advise organisations to move away from legacy, unpatched versions that are vulnerable to data theft or loss – users of Windows XP, Server 2003 and, soon enough, Windows 7, all face this challenge. However, it’s easier said than done; organisations of all industries often find themselves having to rewrite legacy apps not built for modern platforms, which can be both time-consuming and costly. Thankfully, compatibility containers can now help any business looking to take a comprehensive approach to data protection in 2018, enabling the mobility of mission-critical, legacy apps to the safety of a support OS.”
Peter Godden, VP EMEA at Zerto:
“We are less than one month into 2018, and already it’s becoming difficult to overstate the threat that an out-of-date approach to data protection poses. The recent discovery of two major security flaws, Meltdown and Spectre, as well details of the Equifax and Wannacry data breaches in the past twelve months, have proved that the whole world is vulnerable to data loss of theft.
As applications continue to become the most vital assets of businesses everywhere, the threat landscape continues to grow too. Hacks, ransomware and other types of cyber breaches will continue to become more intricate and extensive – put simply, our data is at risk. We need to assume that complex attacks will happen, and unfortunately, sometimes succeed; although it may not be the direct fault of a CEO or CIO, it is still their responsibility to be prepared for and deal with its aftermath.
Having an up-to-date, rigorous IT resiliency plan in place can prevent any lasting damage that could occur. The challenge when an unavoidable attack hits is less the intrusion itself, but rather the protection against valuable data loss and the ability to recover immediately. Ultimately, the end goal is to maintain regular business operations so that customers and end-users alike will not experience any interruption to their services and data.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.