Data security is a major issue in Australia and New Zealand, with cyber attacks on the rise and businesses vulnerable to having their data and their customers’ data accessed for nefarious purposes.
The global cost of cybercrime exceeded $600 billion in 2017, and cybercrime costs the Australian economy $4.5 billion annually. There have been over 114,000 reports of cybercrime registered with the Australian Cybercrime Online Reporting Network (ACORN) since 2014, and 23,700 were reported in one six-month period in 2017.
While those numbers are scary, they cover only the breaches that have been reported, with many being dealt with in-house. That has all changed with the Australian legislation of the Notifiable Data Breaches Scheme, which became active on February 22, 2018.
This legislation means that not-for-profit companies with an annual turnover of more than $3 million must notify both ACORN and customers who have had their data breached in the event of an attack.
Why it is important to be compliant
There are major penalties for businesses that fail to comply with the Notifiable Data Breaches scheme.
Civil penalties of up to $1.7 million may apply if a breach occurs and customers are not notified. There is the potential for further punishment through damages claims as well, depending on how badly the breach has impacted your customers.
If you suspect that your data has been compromised, you must advise the Australian Information Commissioner as soon as practically possible.
How to avoid data breaches – your security checklist
- Lock-out timers: By simply setting your PCs, tablets, and smartphones to automatically lock after a period of time, you can prevent physical access by unauthorised people.
- Authenticated security measures: This locks your data to individuals and processes. Any outside intrusion will not be able to get past the authentication and will not gain access to your data.
- Whitelisting: You can drill down on authentication by ‘whitelisting’ especially sensitive data. Only users expressly given access to the data will be able to open it.
- Data encryption: This essentially scrambles the data so that it appears as unusable gibberish if accessed by unauthorised people or processes. Only those with a special decryption key or password will be able to interpret the data.
- Regular reviews: Just as you would audit your finances or stocktake your physical product, it is important to regularly review who is accessing data, and when, to determine whether there are any anomalies.
- Anti-virus and malware software: Make sure this is up-to-date and active on all devices.
EMPR Solutions products and services that can assist
Here at EMPR Solutions, we are about more than just computer hardware and accessories. We also pride ourselves on uniquely designed solutions to satisfy customer demands across the Asia Pacific region.
We pride ourselves on being a customer-oriented business that uses our vast experience and service history to achieve solutions that meet your goals.
Get a free assessment or learn how our in-house experts can help optimise your workplace with custom-tailored solutions on 1300 289 867. Alternatively, connect with us on firstname.lastname@example.org.
– Josh Alston