Enterprise, GDPR, Internet Security

Is your company prioritising security?

In this age, having your company prioritising security is essential due to the way companies are connected to local networks…

In this age, having your company prioritising security is essential due to the way companies are connected to local networks and the internet almost by default, and this is due to how much the internet has been incorporated into the everyday routine. And as with any other aspect, information systems involve a series of security risks that have to be tackled by companies in order to ensure they offer the best service they can.

If you are in charge of a company, or of its security department, there are several tasks you have to perform at all levels in order to actually be protected from all kinds of digital threats.

Security diagnosis

Your company should have security diagnosis performed and evaluated constantly, in order to know whether it’s ready to stand against any malicious attack and to check if it was a victim of a cyber crime at any point, whether successfully or not. Have a team constantly analyze incoming and outgoing traffic, as well as any strange interaction within your internal information systems. You can also check how robust your current security measures are by trying to bypass or break them and see if you can get through them.

Preventive measures

Don’t wait until your security has been breached and you’re dealing with a real problem to improve your company’s security measures. The best mindset is to think you are always being targeted and plan in advance because you never know when you will actually be targeted. The objective of a robust and structured security plan is to be active and working before any attacks, in order to ensure that your company does its work without any unexpected interruption.

Human training

Most of the time, the human factor is the weakest link in a security chain. Take enough time to prepare every person that works for your company regarding good and bad security practices, what to do and what to prevent, and especially how to act in case of a security breach. Keep them updated every so often, and organize simulations to see how they would handle an attack and correct any mistakes. We offer some advice on preventing phishing attacks in our article – 5 ways to spot phishing attacks.

Emergency plans

Remember that, no matter how much you plan, a breach is always possible, and you’ve also got to be ready to handle it. Don’t just take preventive measures, but also prepare a series of emergency plans that can be easily and quickly deployed if a security breach is detected. Consider how to handle your clients or users information, any sensitive data, your databases, your websites and applications if any, and even how to handle the press and public information. Structure several plans depending on the gravity of the situation be prepared in case you need to deploy them.

Security tools

One final good practice is to always install and run updated security tools, such as an antivirus, a firewall, a backup tool and other programs, in every single device related to your company, to aid in your security measures and stand as yet another resort against malicious attacks.

Be the first to write a comment.

Leave a Reply

GDPR

Data intelligence: why Data Protection Day is becoming increasingly important

The problem with data, whether it’s a report, an email, a spreadsheet or any other file type, is that internal personnel have to deal with it, typically through the uses of multiple applications in different locations with no real control. This raises significant questions around how this data is stored, shared and analysed.Every business must…


The problem with data, whether it’s a report, an email, a spreadsheet or any other file type, is that internal personnel have to deal with it, typically through the uses of multiple applications in different locations with no real control. This raises significant questions around how this data is stored, shared and analysed.

Every business must consider where and how their data is stored and shared, and make sure their processes are GDPR-compliant.

  • Satya Nadella calls for global GDPR
  • Majority of companies still aren’t GDPR-compliant
  • Tim Cook praises GDPR, warns about “weaponised data”

Managing data

The first aspect to look at is the encryption level. Low standards of encryption make it easy to hack sensitive information. However, even a system that has bank-level security encryption is only as strong as the permission levels assigned to the people who need to handle the data. For example, even if there are platforms preventing spreadsheet data leakage, one can still take a picture of a computer screen.

Accountability and data governance are becoming more and more scrutinised. Consider this case: British bank Barclays sent an offer to purchase another firm in 2008 that hid—instead of deleted—nearly 200 spreadsheet cells, resulting in unneces

Read More

Continue Reading
Internet Security

Can predictive analytics be made safe for humans?

Massive-scale predictive analytics is a relatively new phenomenon, one that challenges both decades of law as well as consumer thinking about privacy. As a technology, it may well save thousands of lives in applications like predictive medicine, but if it isn’t used carefully, it may prevent thousands from getting loans, for instance, if an underwriting…


Massive-scale predictive analyticsis a relatively new phenomenon, one that challenges both decades of law as well as consumer thinking about privacy.

As a technology, it may well save thousands of lives in applications like predictive medicine, but if it isn’t used carefully, it may prevent thousands from getting loans, for instance, if an underwriting algorithm is biased against certain users.

I chatted with Dennis Hirsch a few weeks ago about the challenges posed by this new data economy. Hirsch is a professor of law at Ohio State and head of its Program on Data and Governance. He’s also affiliated with the university’s Risk Institute.

“Data ethics is the new form of risk mitigation for the algorithmic economy,” he said. In a post-Cambridge Analytica world, every company has to assess what data it has on its customers and mitigate the risk of harm. How to do that, though, is at the cutting edge of the new field of data governance, which investigates the processes and policies through which organizations manage their data.

You’re reading the Extra Crunch Daily. Like this newsletter?Subscribe for free to follow all of our discussions and debates.

“Traditional privacy regulation asks whether you gave someone notice and given them a choice,” he explains. That principle is the bedrock for Europe’s GDPR law, and for the patchwork of laws in the U.S. that protect privacy. It’s based around the simplistic idea that a datum — such as a customer’s address — shouldn’t be shared with, say, a marketer without that user’s knowledge. Privacy is about protecting the address book, so to speak.

The rise of “predictive analytics,” though, has completely demolished such privacy legislation. Predictive analytics is a fuzzy term, but essentially means interpreting raw data and drawing new conclusions through inference. This is the story of the famous Target data crisis, where the retailer recommended pregnancy-related goods to women who had certain patterns of purchases. As Charles Duhigg explained at the time:

Many shoppers purchase soap and cotton balls, but when someone suddenly starts buying lots of scent-free soap and extra-big bags of cotton balls, in addition to hand sanitizers and washcloths, it signals they could be getting close to

Read More

Continue Reading
Internet Security

Atrium, Justin Kan’s legal tech startup, launches a fintech and blockchain division

Atrium, the legal startup co-founded by Justin Kan of Twitch fame, is jumping into the blockchain space today. The company has raised plenty of money — including $65 million from a16z last September — so rather than an ICO or token sale, this is a consultancy business. Atrium uses machine learning to digitize legal documents and develop applications…


Atrium, the legal startup co-founded by Justin Kan of Twitch fame, is jumping into the blockchain space today.

The company has raised plenty of money — including $65 million from a16z last September — so rather than an ICO or token sale, this is a consultancy business. Atrium uses machine learning to digitize legal documents and develop applications for client use, and now it is officially applying that to fintech and blockchain businesses.

The division has been operating quietly for months and the scope of work that it covers includes the legality and regulatory concerns around tokens, but also business-focused areas including token utility, tokenomics and general blockchain tech.

“We have a bunch of clients wanting to do token offerings and looking into the legality,” Kan told TechCrunch in an interview. “A lot of our advisory work is around the token offering and how it operates.”

The commitment is such that the company is even accepting Bitcoin and Bitcoin Cash for payments through crypto processing service BitPay.

While the ICO market has quietened over the past year following huge valuation losses market-wide, up to 90 percent in some cases with many ICO tokens now effectively worthless, there’s a new antic

Read More

Continue Reading
GDPR

5 things to consider when selecting your next online storage provider

As the demand for managed cloud and professional services rises, the considerations behind choosing the right cloud storage partner becomes more pertinent. There is a large range of variables that affect these providers’ ability to keep your data secure, your connectivity robust, and your costs low.Most data centres were “state-of-the-art” when they were built, yet…


As the demand for managed cloud and professional services rises, the considerations behind choosing the right cloud storage partner becomes more pertinent. There is a large range of variables that affect these providers’ ability to keep your data secure, your connectivity robust, and your costs low.

Most data centres were “state-of-the-art” when they were built, yet infrastructure quickly becomes obsolete if it does not adapt to the constant changes in regulation, cyber threats, and users’ needs and expectations.

Choosing the wrong cloud storage provider can have significant consequence on a business’s operations, including factors such as performance and business continuity problems, security vulnerabilities, and costs.

It pays to do due diligence before beginning a relationship of such strategic importance, so here are the five most important questions you should ask when choosing a cloud storage provider.

  • Best ways to transfer files online in 2019
  • Best ways to share big files
  • Best ways to share files securely

1. Location, location, location

In today’s hyper-connected world, it may not seem important if your data is located across town or on the other side of the world. In fact, it’s crucial to know exactly where your precious data will reside. This is important not just from a legal point of view (with legislation such as GDPR governing where some data resides) but also for a range of business continuity and performance factors.

With business-c

Read More

Continue Reading