Although there has been some skepticism voiced regarding the security of OpenSSL for some time, most businesses felt assured that the popular encryption technology was securely protecting their customer data. However, upon announcement of the vulnerability, it was estimated that as many as 2/3 of all websites have had their datasecurity adversely affected.
Essentially, any business that records customer details needs to take a close look at their environment to determine if they are affected. Businesses that remain unaware of whether they are affected, should bear in mind the words of David Smith, the ICO’s Deputy Commissioner and Director of Data Protection, who commented “ignorance is no excuse” in response to Britain’s biggest abortion clinic, BPAS, facing a fine of £200,000. BPAS, a charity, failed to protect women’s personal data, including names and contact details, by storing the information in a vulnerable format on their website, claiming “they did not realise” records were being stored nor that they were accessible. Organisations must take data security seriously and have a duty of care to ensure they have in place ‘appropriate technical organisational measures’ to keep personal data safe.
The complex data backup and protection landscape today presents a seemingly never-ending challenge for IT managers as they struggle to operate amidst increasingly stringent compliance requirements and changing technology landscapes. Organisations who fail to properly protect an individual’s data find themselves in a spiral of loss of trust, customers and revenue. Target, which suffered a large data breach at the end of 2013, reported a 46% loss in fourth quarter profits and following this news, Target’s CIO announced her resignation after 5 years at the company.
Perhaps more daunting than the financial loss and operational impact upon your business following a data breach is the public backlash. Consumers are notoriously unforgiving, and a loss of their trust would be disastrous. So, what should you be doing to make sure your organisation adequately protects data?
Small firms need to urgently review their data security policy. Are your IT services protected from external threats? Not forgetting internal threats from employees, whether it be through careless human error or a deliberate attack. Are all your devices patched, secure and up to date too? How often do you backup your data? How often do you test perform restores? Do you have adequate business continuity provision in place? All these questions need answering and as a small business, time is at a premium so why not focus on your core objective and offload this responsibility to a trusted cloud services provider?
Redstor’s range of secure and encrypted cloud services are already protecting the data of over 10,000 organisations across the UK. Redstor’s Online Backup service ensures data is safely backed up offsite in an encrypted format. Our cloud sync and share service, Centrastor, enables organisations to store and share files securely online from any device with an Internet connection and our CentraStage service enables support providers to guarantee that devices they support are regularly audited, patched and safely up-to-date for effective endpoint management. Our Virtual Disaster Recovery service guarantees to have your systems up and running within minutes following a disaster. To find out more about our services and how we can help you comply with data protection laws and prevent data leakage, please contact us either by giving us a ring on 01189 515 200 or emailing [email protected].