“Antivirus is dead” so many are touting. If we are, to be honest, to trust in antivirus alone to protect your organisation from the threat of modern hacking tools that you can buy on the web, and that a child can operate is wildly optimistic.
Let’s take a trip to the real world for the minute, the rise of the micro business, and the accelerated startup that doesn’t have the processes and procedures in place to run checks and tick boxes to adhere to compliance. Who has time to, really?
Well, we’d all better find the time. The impending EU GDPR (General Data protection Regulation) is just one of the many reasons to get a nominated individual in your organisation, however small, to look after these new and time-consuming compliance obligations. Now, you don’t need to be involved in finance, or a childrens charity, or be regulated to have the threat of an audit hanging over you, not just from the ICO (https://ico.org.uk/for-organisations/data-protection-reform/) but one of your customers or contacts, or a client that doesn’t like you anymore, or would like all the information you hold on them to be deleted, or hears about a breach that you may have had that involves all their data.
What should you do?
- Appoint an in-house staff member with the Data Protection Officer role, don’t worry, it’s not throwing them under a bus, it just means that someone has the responsibility to know what your responsibilities are. Then send them on a GDPR course.
- Get a Gap analysis done for all your security obligations.
- Action your gap analysis. It’s going to take a while and cost some money, but actually, its worth it, because it’s making us all do what we all should have been doing anyway.
For help and futher advise surrounding the EU GDPR get in touch: firstname.lastname@example.org