High profile data breaches seem to be hitting the headlines on a regular basis. In the past two weeks alone Talk Talk suffered an attack that may have put its customers personal details out in the open while Marks & Spencer has suspended trading on its web site due to security concerns.
Information Commissioner's Office (ICO) is obliged to investigate and if there is a misuse of data then it has the power to fine businesses up to £500,000.
“Businesses must do all they can to secure their data, from anti-virus and anti-spam software to secure servers and data encryption. It is clear that customer concerns of data security will only increase and businesses that proactively address these concerns will be the ones that flourish,” says Louise Chalklen, Strident’s Marketing and Sales Manager.
It is essential for business to have a data protection policy that addresses the key principles of the Data Protection Act (DPA). The DPA controls how organisations, businesses or the government uses personal information. It is based around eight principles that everyone responsible for using data has to follow.
Data must be;
• used fairly and lawfully
• used for limited, specifically stated purposes
• used in a way that is adequate, relevant and not excessive
• kept for no longer than is absolutely necessary
• handled according to people’s data protection rights
• kept safe and secure
• not transferred outside the European Economic Area without adequate protection
On the final point, the European Court of Justice has recently ruled that data firms signed up to the U.S.-EU SAFE HARBOR scheme, which is designed to protect the rights of EU consumers storing data on US services such as Dropbox, Google and Amazon, could no longer be automatically considered to provide "adequate protection.”
The ICO has however stated “there's no new and immediate threat to individuals' personal data that's suddenly arisen that we need to act quickly to prevent." Businesses are being encouraged to take considered steps rather.
With so many businesses using US-based services, David Smith, Deputy Commissioner and Director of Data Protection at the ICO highlights his thoughts on his blog.
If you are concerned about your data protection and the security of your business, then speak to us. Strident offers a wide range of solutions that could bring additional productivity as well as security enhancements.