23rd January 2018
GDPR: Just good sense
GDPR, have you heard of it? There is so much buzz about the EU’s upcoming General Data Protection Regulation that it has become a din, as well as a bandwagon for shady salesmen to jump upon. If it is not articles advising you on what IT tools you need to keep your business compliant it is assessments to identify your “company’s risk levels”.
But, really, once you can get your noggin around the complexities of UK data law, all it comes down to is arming yourself with the key facts, being ready for enforcement of the regulation on May 25 and using your common sense and business acumen to make sure things continue to run smoothly.
Get it – While WIRED deems GDPR “the biggest overhaul of data protection laws in more than two decades”, the UK's Information Commissioner stresses it is merely "evolution" rather than a full-blown "revolution" with the ICO adding "many of the GDPR’s main concepts and principles are much the same as those in the current Data Protection Act (DPA)". In fact, much will stay the same for businesses already complying with the UK's data protection law (many Switch2IT clients).
Essentially, if you are a controller or processor of personal data – e.g. you collect and manage contact information and banking details etc. – it is your duty to make sure you are aware of any differences GDPR will bring for your organisation and to do all that you can to fulfil your obligations to the law.
Data breach set – GDPR is not some miraculous fix-all when it comes to cyber security and data protection. There are still going to be occasions when your business is vulnerable to data breach threats, especially if you do not have a solid IT security strategy in place. Under the new law, you must report any data breach that endangers personal information to your local data protection regulator and, if individuals are at high-risk, you must inform them also. This is sure to make having access to services such as digital forensics and investigation a god-send.
Privacy first – Although the UK’s data protection law already insists on letting individuals know who is processing their personal information and for what purpose, the GDPR will take this one step further by demanding more transparency and detail with regard to these privacy notices.
Rights ready – GDPR brings with it eight rights, some new and some refocussed, for individuals including: the “right to be provided with fair processing information”, “right to object”, “right to restriction of processing” and the “right to data portability”. In addition, it will be easier and cost-free for individuals to access the information that any given company holds about them and make requests for it to be erased where necessary. This very much evens up the playing field when it comes to privacy and power.
What is “personal” information?
The last leg towards GDPR seems like a good time for the Switch2IT team to bring up a bugbear that has been gnawing at us for quite some time. We are all for data protection and we take great pains to increase cyber security for all our clients, advising a safe and secure data back-up strategy as standard, but how can data protection actually exist in a world where there is not really anything that constitutes private information?
In an age where we post our inner most thoughts and take part in social media games that phish our personal details and potential passwords is anything really sacred? What are you asked as a security question by your bank or mobile phone company – your postcode, date of birth, mother’s maiden name? So much of this information is already in the public domain so how can it possibly be a “security” question? With this in mind, how can our data be protected when it has already been compromised? We have said it before, and we will say it again, why does the government not look at ways to improve identification checks and why do individuals not take more care to keep shtum for their own good?
To find out more about Switch2IT’s dedication to data protection and cyber security, contact us for a consultation today.
29th August 2018
How can a VPN Increase IT Security and Business Productivity?
VPN for Better IT Security and Business Productivity At the end of the day, a business cannot run efficiently without an excellent cyber security strategy in place. Any risk of malware, hacks, phishing scams and data breaches puts your business on shaky ground and if you can avoid these pitfalls then your future will be brighter. The Switch2IT te...Read More >
31st July 2018
The Intelligence Network: Big Boys Collaborate to Tackle Cybercrime
Big Boys Pull Together to Tackle Cybercrime It seems that businesses are, at long last, going to be more accountable for cybercrime. We are happy to hear that the likes of BAE Systems and Vodafone are finally on the same page with an aim for more transparency and collaboration when it comes to cyber security. With the growth in the amount and seve...Read More >
11th June 2018
Switch2IT follows best practice Cybersecurity to Protect Clients
On going Cybersecurity Audits Protect our Clients New research conducted by Citrix – a US multinational company that provides software as a service and cloud computing technologies – shows that UK businesses often overlook the supply chain as far as their IT security strategy is concerned. And, despite confidence in their own organisa...Read More >
14th May 2018
How ready is your school's IT department for the GDPR?
Is Your School GDPR Ready? The Switch2IT team is as passionate about data privacy as it is about supporting young people and the local Sussex, Hampshire, Surrey and Kent communities. Last month we contributed £1000 to the Worthing ITU trust fund and £250 to Place2Be, the leading national children's mental health charity which aim...Read More >