Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

PROTECTING YOUR DATA SECURITY BLINDSPOT

Security breaches will be top of mind for all business professionals in 2017 and especially for those in financial services where the ramifications of a breach can cost an organisation millions of pounds.  However, contrary to what the flurry of news over cyber-attacks would have you believe, the majority of these breaches were not caused by hackers, but by lost or stolen laptops and mobile phones. While hacking accounted for 1 in 5 of all breaches, lost or stolen laptops were responsible for more than a quarter.

 Confidential data stored on business systems such as laptops is both an asset and a liability. As with any asset, the data should be protected, and like any liability, it requires mitigating. Personal identification numbers, payment information, passwords, customer information and intellectual property are just some of the types of sensitive data that’s stored on servers and employees’ laptops.

 The challenge is that laptops can easily be lost or targeted for theft. Employees risk misplacing confidential, personal or company data, which could get into the wrong hands, demonstrating that accidental data loss can happen to anyone at any time. Laptops are a high-value item in the second hand market, and more astute thieves are aware of the bigger value the data may have over the hardware.

 Sensitive data is a high-value target for hackers and data thieves, and you must assume the worst should an employee’s laptop go missing in the event of an accidental loss or theft. Therefore, it is crucial that you take steps to keep your data safe, should it end up in the wrong hands.

 The best way to protect the data stored on laptops is to encrypt it at the hardware level using self-encrypting solid state drives (SSDs) – this important data security step is often overlooked. New models often come with low-grade preinstalled hard drives that lack encryption technology. There are some that are sold with pre-installed hard drives withencryption, however it’s usually software-based – one of the weakest forms of encryption. Software-based encryption slows down a computer system’s performance and productivity, whilst also putting the data at risk of being compromised. This is because the software protocol relies on the operating system and remains vulnerable to rootkit attack.

Self-encrypting SSDs, on the other hand, use top-level AES 256-bit encryption technology that’s built into the storage drive to encrypt all data at the hardware level. This is the type of encryption the most risk-prone industries (financial services, for example) need to use as it helps enhance security and minimise liability.

If your organisation does become the victim of a breach or data loss, then the repercussions can be severe. Under the Data Protection Act, all organisations are liable to receive a significant fine from the Information Commissioner’s Office (ICO) for losing customers’ sensitive data. Risk management frameworks, such as ISO 27001 and COBIT, gives financial services organisations guidelines on how to best comply with data protection laws, which will become more stringent.

 Next year the EU General Data Protection Regulation (GDPR) will become enforced. This act will allow the ICO to enforce penalties which could reach the upper limit of €20m or 4% of an organisation’s global turnover – whichever is higher. For example, if the Tesco Bank hack from last November happened after GDPR goes into effect, this would have meant that Tesco would face upwards of £1.9bn in fines. Soon a breach will more than a public relations nightmare, but a huge financial setback or even bankruptcy.

Financial services organisations rely on confidential data, which includes sensitive customer data, company financial records and authentication or access controls. Using self-encrypting SSDs to lock up the data in laptops helps protect the integrity and confidentiality of your organisation’s data, and as an added benefit, can improve business productivity by eliminating the use of slower mechanical hard drives.Studies have concluded that SSDs are six times faster than traditional hard drives, meaning organisations can work faster and improve productivity, whilst also ensuring data security.

With so much focus on cyber attacks, there is a risk of overlooking data security at the hardware level – making this a dangerous blindspot for financial services organisations. Putting the right safeguards in place for data security requires extra precautions. Doing so will help prevent losing data that your organisation has a legal requirement to protect. Protect your organisation’s sensitive data by swapping out vulnerable preinstalled hard drives, and encrypting the data at the highest level. Your data is an asset and a liability – don’t let it get into the wrong hands.