European Headlines: Security Sensitivity
That Mysterious Connection Between Everything, Your Personal Data, and Security
Earlier this year Europe was hit by a massive wave of panic. The General Data Protection Regulation (GDPR) was going live and was about to be enforced. Predictably, companies, individuals, and governments alike overreacted as if this legislation had hit them overnight and they had had no time to study the details or prepare for any of the steps involved.
GDPR has been around for a while, creating awareness and providing guidelines on how to protect personal data, such as how businesses should handle any piece of information that can be used to identify an individual, regardless of whether it’s a B2B or B2C process.
Clever people have been working hard to protect their businesses, their data, and their customers’ data ahead of time. The slightly less clever ones were, and some still are, hoping for the best. Why would anyone hack into my system? We don’t have a server, everything is in the cloud, all is good. We only have a printer, we’re doing just fine. All we have is this old-fashioned fax, nothing to worry about. And so on, and so on.
By now, however, we all know nothing is safe. Not the cloud, not the onsite server, not the printer/MFP, not even the fax. And size has long since stopped mattering. You can be a target whether you’re a one (wo)man-band or a global corporation. Crime scales well, and so should security.
But we’re here in the States so this doesn’t matter, right?
Wrong. Equifax, Facebook, T-Mobile, Atlanta. I could easily fill the whole magazine with the list of companies and government bodies affected by cybercrime and data breaches this year alone, exposing millions of records of personal details, such as names, phone numbers, credit-card numbers, social-security numbers, and more.
Under GDPR, anything that impacts data security must be reported. If you fail to report, you pay a fine. If you fail to show you did everything to protect the data you’ve been trusted with, you pay a fine. If you fail to show the damage the breach has caused, yes, you pay. The more you fail to report or give insight into, the more you pay. And this applies to anyone, no matter whether you’re a European, Russian, Chinese, Senegalese, Chilean, or U.S. company.
The latest Facebook data breach could cost Facebook up to $1.63 billion in fines in Europe alone. Not a big deal for Facebook, you may think. But, how about you being hit with a fine of 2% to 4% of your annual global turnover (yes, turnover, not revenue!)? This could hurt big time.
As a managed print services professional, you might have seen HP’s videos promoting office imaging security. Please believe these videos, they are not exaggerating. And since you are a pro, you hopefully have read about document theft (paper), data theft through BYOD, and all the other ways human beings and cybercriminals can affect the data you are collecting, hosting, and sharing. You might want to start reviewing your own environment and offer to review your customers’ office environments to prevent data damage. Remember, it’s not only the classic IT infrastructure that needs to be reviewed. It starts with your colleagues and making sure they understand and adhere to your security standards with any device that is connected to your internal network and to the world outside, the way you store information both in paper and digitally, how they access the internet, and what is shared online.
There’s no need to panic. All you need to do is be vigilant, think before you give access to or access data, consider what you share with whom, where, and how. And you might want to follow trusted sources to better understand threats, prevention, and the latest local and international legal requirements for data privacy and data protection.
Please visit The Cannata Report for more on the printing and office imaging industry.