Finance

Have recent data breaches changed how you think about data security?

This week, Sage experienced a data breach which affected approximately 280 UK customers. It appears that this unauthorised access to customer data was via an internal login. Oracle is also not immune from such compromises. Earlier this month, Oracle Security detected malicious code in certain legacy MICROS systems. The cause hasn’t been disclosed to the public yet.

Internet and computer security are global threats. The growing amount of electronic data means breaches are becoming more frequent.  The impact on organisations is huge from a cost perspective and reputational damage.  It could happen to any organisation.

Security breaches can lead to data loss at an unprecedented level. We live our lives online these days so the possibility that information leaks such as personal credit card details, passwords and salary data is very real. The question isn’t about whether a disaster will strike, but when.

What’s important is how organisations deal with security breaches. Having a business continuity plan is critical to mitigating incidents swiftly and intelligently. Communication is key, alongside corrective action to address the compromise. Managing uptime and productivity is a balancing act while dealing with the incident.

Adopting ISO 27001 will ensure you have the correct procedures and processes in place. This is essential when it comes to dealing with sensitive data. ISO 27001 is an information security management standard to help prevent security risks. It not only ensures legal and regulatory compliance but also that companies are adhering to best practice to keep client data safe.

Education is also critical so the whole organisation can safeguard against data breaches. It ensures that everyone knows who to contact and what to do if an incident occurs. Timing is essential so that no further breaches occur and to contain the incident.

We must all be alert to data breaches. They can strike at any time - both internal and external to the organisation.  Each time we must learn the lessons and do everything in our power to ensure that data remains secure.