In a year where one of the most widely used platforms in the world experienced a massive security breach1 involving a phenomenal number of users and British Airways warned hundreds of thousands of customers about a card payment breach it’s starting to feel as though data leaks are an unfortunate part of life these days. We don’t think this should be true.
The staff here at Just After Midnight have been in the digital industry a long time and most of us can remember the old days of being scared about internet privacy and giving absolutely no personal information out in cyberspace; hiding behind a perceived notion of online anonymity and aliases. Its changed. The amount of personal data now held by companies on individuals and other companies, garnered through web resources, is monumental. The once tightly controlled spread of personal information has been superseded by quick access to information, speedy purchasing and social sharing. But just because the social attitude to online sharing of data has relaxed the need for it protecting it has increased dramatically.
Why do you care?
Not only do people suffer as a direct result of data breaches there are also some knock-on effects. The public can lose confidence, trust, and faith in organisations and from investors and shareholders of companies who are shown to be guilty of not stepping up to meet the demands of data protection and information security. The reputational damage can have significant effects on revenue, share prices and even job security. Facebook lost one in 20 British users after the Cambridge Analytical scandal and possibly more2. People care about their data, they just often don’t show it.
What can you do about it?
In the main, the basic elements of protecting data are the same for both individuals and companies. The beginning is knowing which data needs protecting. At an individual level, simple practices such as managing your privacy settings on social media accounts go a long way, as does using complex passwords and managing them correctly. Companies and individuals alike must carefully consider who has access to the data. Access is a key consideration to both sets of users because of its potential risk.
But all precautions such as these do not help in cases where an organisation has a breach of their data stores. What can a person do then? Internet Guru and all-round good guy, Tim Berners-Lee has been trying make people more protective of their data. He’s been working with MIT to create an open source platform called Solid3 which gives users the option to choose where their data is stored and who can access what – giving data back to individuals’ care.
Data is one of today’s most powerful commodities and something that needs utmost protection. So when choosing to work with third party companies, security management must be high on the list of requirements. An organisation’s security culture is fundamental to the success of its information security program. For example, the entire Just After Midnight team is informed and trained regarding security practices and legislation making security part of everyone’s responsibility and we’ve been awarded ISO 27001 accreditation as well as Cyber Essentials certification. This means we have been independently audited and assessed to ensure that what we do provides the optimum protection and security for information and data aligning with GDPR and that we are taking measures to protect our own and client systems against cyber-attacks.
How this helps
We work continuously to protect customers and manage risks around information security and constantly review ways to further improve all our services including data compliancece and protection.
We work closely with every one of our clients to ensure we fully understand their needs and the information they must store and process ensuring the best solutions are in place. Security considerations are woven into every stage of on-boarding with us, as it should be. So if you would like to have a chat about security, ISO accreditation and what we can do for you get in touch!