Connect with us

Business

UK Consumers to Target Businesses with Onslaught of Data Privacy Requests Following Deadline for GDPR Compliance

UK Consumers to Target Businesses with Onslaught of Data Privacy Requests Following Deadline for GDPR Compliance
  • 40 per cent of UK consumers intend to exercise their data privacy rights in the next six months, finds research from Veritas
  • Financial services, retail and social media companies to be hit the hardest with personal data requests

New findings from a study by Veritas Technologies, a leader in multi-cloud data management, indicate that many organisations will be inundated with requests for personal information from UK consumers, with two in five (40 per cent) already planning to take advantage of their data privacy rights within six months of the new General Data Protection Regulation (GDPR) coming into force on May 25, 2018.

Under the new GDPR, European Union (EU) residents will have greater control over their personal data. Currently, EU residents already have the right to ask a company what personal data is held on them (e.g., gender, age, location, sexual preference, religious beliefs, passport/ driver’s licence information, etc.) and beginning May 25, 2018, they will also have enhanced rights to ask to have their data deleted (‘right to be forgotten’). Businesses will be required to sufficiently respond to these requests within one month of receiving the request.

A new study, commissioned by Veritas and conducted by 3GEM, surveyed 3,000 adults, including 1,000 in the UK. It reveals that consumers are most likely to target the following industries with personal data requests:

  • Financial services companies, including banks and insurance companies (56 per cent)
  • Social media companies (48 per cent)
  • Retailers (46 per cent)
  • Former, current or potential employers (24 per cent)
  • Healthcare providers (21 per cent)

The findings come as consumers reveal an increasing need to regain control over their personal data as trust in businesses to protect data fades, and as more and more consumers express a desire to put organisations to the test to understand whether they value consumer rights.

“In light of recent events surrounding the use of personal data by social media, and other, companies, consumers are taking much more of an interest in how their data is used and stored by businesses across many industry sectors,” said Mike Palmer, executive vice president and chief product officer, Veritas. “With a flood of personal data requests coming their way in the months ahead, businesses must retain the trust of consumers by demonstrating they have comprehensive data governance strategies in place to achieve regulatory compliance.”

 The driving force behind a rise in data privacy requests 

The forthcoming GDPR will impact any organisation that gathers, processes or stores the personal data of individuals in the EU. The research shows UK consumers welcome their enhanced privileges. Of those that intend to exercise their rights, two-thirds (65 per cent) plan to request access to the personal data a company holds on them, while the majority (71 per cent) intend to exercise their right to be forgotten under the new regulations.

The key drivers for exercising their data privacy rights are:

  • Increased control over personal data: over half (56 per cent) of respondents don’t feel comfortable having personal data sit on systems that they have no control over.
  • A clearer understanding of what data companies hold on them: over half (56 per cent) want to understand exactly what personal information companies hold on them.
  • Data breaches increase the likelihood of receiving requests for personal data: nearly half (47 per cent) of respondents will exercise their rights to request personal data and/or have that data deleted, if a company that holds their personal information suffers a data breach.
  • Businesses are not trusted to protect personal data: over a third (37 per cent) intend to exercise their data privacy rights because they do not trust companies to effectively protect their personal data.
  • Consumers want to put companies to the test: over a quarter (27 per cent) want to test businesses to understand how much their consumer rights are valued before deciding whether to continue doing business with them.
  • Consumers want to get revenge:  eight per cent will exercise their data privacy rights simply to irritate a company that they feel has mistreated them.

Under the new GDPR, this influx of personal data requests will need to be answered by organisations within a one month time limit. But meeting this timeframe may be difficult as many organisations have limited visibility into what data they have and where it is located.

 Most consumers do not expect organisations to be capable of fulfilling their requests under the new regulation. The majority (79 per cent) believe that organisations won’t be able to find and/or delete all of the personal data that is held on them, and a fifth (20 per cent) believe that businesses will only be able to deliver up to 50 per cent of the personal data they hold.

 “It’s imperative that businesses embrace technology that can help them respond to these requests quickly, with a high degree of accuracy. This means having the ability to see, protect and access all of the personal data they hold regardless of where it sits within their organisation. Businesses that fail to recognise the importance of responding effectively and efficiently to personal data requests will be putting their brand loyalty and reputation at stake,” added Palmer.

In addition to this research, Veritas today announces the latest update to Veritas Enterprise Vault, part of its Digital Compliance suite of products.  Veritas Enterprise Vault 12.3 leverages intelligent classification for hybrid archiving, a new approach for automating cloud and on-premises storage decisions that delivers optimal flexibility and operational efficiency.  The new privileged delete feature streamlines data expiration upon request to help comply with GDPR “right to be forgotten” requests or to simply clean up legacy content manually.

For further information on how Veritas Technologies can help your organisation become GDPR compliant visit https://www.veritas.com/gdpr.

Business

The ultimate tech guide to remote working for the casual worker  

The ultimate tech guide to remote working for the casual worker   1

By Paul Routledge D-Link Country Manager

Like many others, you may have grabbed your laptop in the middle of March and headed home, with the initial plan of three weeks working on the sofa, in the garden or in the upstairs office you never use. As always, the picture in your head doesn’t quite match the reality, and now after an extended period, it might be time to make a few upgrades and create a more workable home office environment. From the smaller problems, like a lack of USB ports to charge both your phone and plug in your wireless mouse, to the 10 year older router that powers your wireless network, if you are going to work from home for a long period, you should consider resolving these issues.

If you work from home infrequently, or your network requirements amount to just checking emails, file downloads/uploads and the occasional video conference meeting, then a basic set up is all you require. Let’s run through the requirements for a basic home office set up.

First things first – establish a plan! What is the end goal? More connectivity, faster speeds, data security and better capacity are all possible, but there are a few things to consider before we dive in

  • Your environment  – Mansion, house, flat or garden, where you plan to work will have an impact on what equipment you need
  • How often will you be working at home Are you at home every day or just 1 day a week
  • Bandwidth requirements –  Are you hungry for bandwidth? video conference calls or upload/downloading images and videos
  • Wired or Wireless –  Can you cable up devices or is it mostly going to be wireless connectivity
  • Level of security –  If you work with personal data or financial details for instance, you will need to consider a higher level of security

USB hub/docking station

Let’s run through the requirements for a basic home office set up. As the streamlining of most modern laptops continues, the added portability often has a negative impact on connectivity, sacrificing Ethernet, HDMI and USB ports. As most offices will have docking stations, this only becomes an issue at home. A USB hub acts like a docking station and enables you to connect all of your devices, charge your phone, and connect multiple monitors.

What is a Hub? A Hub will add extra ports to your laptop, desktop, games console or other devices with a USB port, usually they will be USB-A or USB-C. Hubs can also draw power via the USB connection and their lightweight portability allows them to fit into your pocket. USB hubs are plug and play meaning they can just be plugged into your device and they are ready to go.

The router is the king

When its comes to internet, the router is the king – the gateway to all the rest of your networking solution. So if you are still using the router your ISP provided, you could be limiting your network wireless speeds, security and reliability.

Wireless Speed – Wi-Fi 5 or Wireless AC, is the current standard technology in the market but a router advertised as AC1200 doesn’t mean you’re getting a top speed of 1,200Mbps. This number is a combination of band speeds (2.4 and 5 GHz) For example, an AC1200 router is going to have a 2.4GHz band with a top speed of 300Mbps and a 5GHz band with a top speed of 867Mbps.

Coverage Area –  If you have a larger area to cover, a router with more external antenna’s will provide more flexibility, because they can be adjusted to focus broadcast in different directions.

Mu-Mimo (multi user, multi input, multi output)  – MU-MIMO allows the router to broadcast to many devices on the network at the same time, as opposed to one at a time, increasing efficiency.

QoS (Quality of Service)  – QoS lets you tell your router which devices you would like it to prioritise, so that you can choose which devices have priority such as your work laptop or VoIP handset.

App-Based Management  – Apps simplify the task of setting up and making adjustments to your Wi-Fi network, monitoring when devices are connected and helps to easily manage router updates.

Wi-Fi 6

Why do you need Wi-Fi 6? Because your smart home is reaching the limits of its potential. Prevailing Wi-Fi standards simply aren’t built to support “noisy” Wi-Fi environments with countless personal devices and smart home gadgets running simultaneously 24/7. Wi-Fi 6 brings next-generation Wi-Fi technology into your home, giving you the quantum leap in capacity, speed, and range you need to handle all your Wi-Fi demands. Perfect for high-performance, highly device-dense smart homes. Its saves on battery life, With Wi-Fi 6, you get up to 4X more device capacity than you do with Wi-Fi 5 AND includes wireless encryption.

Switching  – Wired Networks

What considerations do you need to make for a wired network? If its possible within your home, a wired network solution can provide better stability and performance than a wireless one, as wired connections are less prone to radio interference and lose fewer packets of data that need to be retransmitted.

Paul Routledge

Paul Routledge

In reality however, it may not be convenient to run cables to every device, so we recommend to use a wired connection when you can, then a wireless connection when you can’t. How many ports do you need? This is where the planning aspect of the network comes in, a normal router will have 4 Lan ports, so an idea of how many extra ports you will need is necessary, just think of all the work or home devices you’ll want to plug in, desktop PC, smart TV, VoIP phone, games console and the switch itself. Switches are most common in 5 or 8 ports versions although many have up to 52 ports!

Network Speed

A switch will either be labelled with Fast Ethernet (10/100mbs) or Gigabit (10/100/1000mbs).

Fast Ethernet

Fast Ethernet can handle speeds up to 100 Mbps, which is probably enough for some people, but those with superfast internet services, will lose the benefits.

Gigabit

10x faster than FE, Gigabit Ethernet can handle the fastest home broadband connections and has the bandwidth to handle high local network demands.

PoE support

Power over Ethernet (PoE) enables network switches to transmit both power and data through an Ethernet cable at the same time, so your PoE enabled switch can connect to an Access Point, Camera or VoIP phone, when there is no power outlet available

Continue Reading

Business

Safeguarding international logistics arrangements during the coronavirus crisis

Safeguarding international logistics arrangements during the coronavirus crisis 2

By Adam Ewart, CEO and Founder of Send My Bag

It has certainly been a whirlwind couple of months. The coronavirus – which at the start of the year seemed like a distant, incomprehensible issue – has impacted virtually every aspect of everyday life. There are live outbreaks in every continent – bar Antarctica – forcing a significant proportion of the global population under some form of lockdown. This has, of course, had a significant impact on the day-to-day operations for industries across the global economy, including international logistics.

Pain points of international logistics sector under changing conditions

The international logistics industry was among the first to feel the pinch from coronavirus. Seven of the top nine container ports in the world are based in China, and the other two ports are in Singapore and South Korea. All three of these countries were hit early by the pandemic and shut down their borders to prevent the spread of the virus. But this has resulted in ships being unable to get into Chinese ports or not being able to load or discharge goods when they dock.

But it’s important to note that not all businesses in the vast international logistics sector have experienced exclusively negative impacts as a result of the coronavirus outbreak. For instance, Send My Bag saw a 1320% year-on-year increase in demand in March, as people started relocating to their home countries. Similarly, orders from Germany, Spain, and Netherlands also rose by 700%, 800% and 600% respectively as travel bans were introduced.

As a result, the business faced a slightly different challenge to other businesses in the international logistics sector – how to respond to a sudden increase in orders. Although our customer base is globally spread and customers use our service for a range of reasons, we do still find the summer months to be our busiest. As such we’ve become accustomed to dealing with seasonality and our customer service runs on flexible systems that can be scaled up or down. Therefore, when we experienced a large spike in orders in March, we shifted to our summer plan and implemented a wide range of measures to respond to the surge in demand, including changes to shifts and rolling out an overtime schedule. We also asked staff if they would like paid work as an option during their annual leave.

The importance of strong leadership and HR functions in crisis

Most importantly during this hectic period were the HR measures we implemented supported by a clear and transparent line of communication with staff. As talks of unemployment filled the news, before the government announced its job retention scheme, we told our entire team that no one would be laid off regardless of any decline in orders anticipated over the next 12 weeks.

There is so much anxiety amongst employees across a range of sectors which could adversely impact their ability to do their job and in turn, impact business performance at a crucial time. It is therefore vital that business leaders are up-front and honest with their employees and imbue them with the confidence needed to do their job to the best of their ability.

We’ve seen businesses both succeed and fail at this essential task during the crisis. For instance, Amazon has been in the news for all the wrong reasons, stretching from failing to provide adequate protection for its warehouse workers to its multi-billionaire owner asking the public to pay for Amazon drivers’ sick pay. Whereas, on the other side of the spectrum you have Jack Ma, co-founder of the Alibaba Group, who donated 1 million masks and 500,000 test kits to America and – via his foundation – sent supplies to over 60 countries, including several in Europe and every African nation.

Adapting to change

Adam Ewart

Adam Ewart

Aside from implementing an effective line of communication with staff, the best way business leaders can safeguard their international logistics arrangements in the current climate is by being flexible. In these extraordinary times, businesses mustn’t stick to what they know. You’ve got to be adaptable, flexible and willing to look at alternative ways to deploy your business.

Take Cainiao Smart Logistics Network, the logistics arm of Alibaba, as an example. The network teamed up with a dozen logistical partners to launch a ‘Green Channel’ initiative to expedite the fast and safe delivery of medical supplies throughout China. Not to be outdone by its close competitor, JD Logistics, another China-based logistics business, adapted its supply network and deployed autonomous ground robots for last-mile delivery of crucial supplies in the worst affected hospitals in Wuhan.

At Send My Bag, we had to navigate increased costs and transport restrictions imposed by nations in response to the coronavirus crisis. This included our partners needing to re-route orders when borders were closed – which was particularly prevalent in mainland Europe – and scheduling additional dedicated aircraft to complete our orders when there was a lack of commercial cargo space. Also, certain nations, such as South Africa, are currently only permitting international logistics networks to handle essential goods. To overcome these logistical issues, we had to be flexible and keep customers informed throughout.

Now, as the large spikes we experienced in March have plateaued to some extent, we have reverted back to our off-peak operation plan and are looking at different ways to use our capabilities. This included supporting an initiative to transport testing and PPE kits to frontline medics.

These are difficult and uncertain times for the international logistics industry. The supply lines that we rely on are being disrupted and some sectors are facing a drop in demand, whilst others are experiencing a spike. During these turbulent times, business leaders must be adaptable, show leadership and support their employees.

Continue Reading

Business

A holistic view of organisational security

A holistic view of organisational security 3

By James Ward, Senior Cyber Consultant at MASS

The finance sector is typically more developed than others when it comes to implementing security measures. This is partly due to it being targeted by a diverse range of threat actors who are some of the most advanced, and also because the threat is so great –  even the smallest breach has the potential for significant impact monetarily, or on market reputation, perception or confidence.

Ideally, an organisation’s critical assets should be surrounded by layer upon layer of security measures, all working together so that if one layer is removed or breached, the business’ most valuable assets are not compromised. Too often however, organisations take a siloed approach to security – viewing physical, cyber and personnel security as separate entities, where in fact they are more inter-related than many imagine.

It’s therefore vitally important that security measures are considered holistically and are led and understood by senior management, otherwise gaps for exploitation can be found by intelligent and experienced actors, supported by an ever-growing arsenal of exploitation technology.

Based on the approach MASS takes with public sector and defence organisations, we’ll now consider the security measures which should combine as part of a holistic approach.

Physical security

It might seem obvious, but the first and fundamental consideration should be physical access to a site. For all organisations, this step remains vital – even in the finance industry where physical security principles have long been established.

You should consider the basic question of how an intruder could gain access, starting by reviewing the ‘perimeter’ controls. Indeed, organisations should even question what their perimeter is. With the potential for distributed site facilities, linked remote assets, and supply chain dependencies, this simple question must be answered.

To define where a ‘perimeter’ really lies, the use of scenario-based analysis, threat actor personas, motivations and objectives can be useful. It’s also an invaluable methodology for exposing how an organisation could be exploited.

The physical security stage should also involve a review of physical controls such as fencing, access technology, CCTV coverage etc., including their role in the deterrence and detection of hostile reconnaissance activities. Disrupting the planning cycle of attacks is often overlooked relative to direct prevention of unauthorised access.

That being said, security measures can only be as effective as the people applying them, so an understanding of human behaviours is essential. It’s important to consider how people’s actions affect overall site security and to question why these actions occur.

Simple mistakes like staff wearing security badges in the street could lead to unforeseen issues while poor motivation or effectiveness of roving security staff or those monitoring CCTV may also cause warning signs to be missed, demonstrating that innocent human mistakes could form the seed of future security breaches.

Cyber security

The finance sector’s cyber resilience has advanced considerably, as it’s adapted to threats over the years. But the evolution of the finance industry itself poses new challenges; businesses range considerably in size and new forms of financial transactions provide new opportunities for cyber exploitation. Exploitation toolsets and associated managed services are now more readily available at a lower cost, reducing the financial and technical barriers to advanced cyber-attacks.

The levels of cyber security in the financial sector must be retained, taken to a new level, and existing assumptions continually challenged.

For example, penetration testing regimes are a vital tool in mitigating network cyber risk (including ‘CBEST’ which has been widely rolled out across the finance sector) but have limitations given they are just a snapshot in time. They offer us a valuable depth of analysis within a network but can be constrained in breadth of scope and potentially leave vulnerability blind spots. Very frequent, lighter-touch cyber assessments can fill this gap as they offer a more dynamic view of ongoing vulnerabilities over a wider proportion of the estate, which could represent ‘low hanging fruit’ for the cyber actor. Assessments can be enhanced by applying modern threat intelligence techniques to rapidly identify existing compromises and potential weaknesses (including personnel and corporate digital footprint). This establishes a picture of cyber posture and vulnerabilities before any testing taking place.

End-user device security is also often viewed in terms of its encryption strength, keys etc. Modern methods of fault injection attack (a device’s response to artificially applied ‘fault conditions’ used to derive security credentials), though are able to bypass these assumed security measures, whereas it would take decades to ‘crack’ using more traditional computer power. This means it becomes important to test a device’s vulnerability to fault injection, rather than falling back on the old assumptions for protection.

To take a holistic view, it’s also important to examine the wider supply chain. The finance sector relies heavily on a network of suppliers of digital telecommunications and energy services, and when a network this complex is interconnected, it’s challenging to pinpoint cyber resilience risks. However, identifying ‘hot-spot’ concentrations of dependencies that represent single-point failures within the complexity of the overall business can allow you to filter the complex information and establish risk effectively.

The insider threat

Those who might misuse legitimate access to an organisation’s assets for unauthorised purposes are known as insiders and their threat is often overlooked when considering the overall cyber risk.

For those in the financial sector, personal financial gain could be a particular incentive to potential insiders, while security controls are now so effective that one of the only ways to circumvent them is for hostile actors to exploit those with legitimate access. It can help to think of insider threat as the ‘grand master skeleton key’ of security, as the right insider, or team of insiders can overcome almost all security measures. Security compromises involving insiders also tend to have a disproportionately high business impact.

Yet many organisations overlook insider risk, assuming that pre-employment screening is enough to deter employees and failing to recognise the wide range of risks from genuine human error, through to orchestrated insider activity by paid professionals. Insider cases are typically individuals who have been with an organisation for some years and could have had a personal vulnerability exploited or exposed, or simply become disgruntled with their employer.

It’s a broad area to address and can be more challenging to enforce than other security measures. Internal governance, security culture, employee wellbeing, employment measures, corporate digital footprint, and perceived employee sentiment are some of the aspects that should be considered. Once these internal factors have been addressed, organisations should then make the same assessment of their supply chains.

If the business is sufficiently committed to its security, structured analytical methods can quantify their maturity and assess where the key vulnerabilities and risks could lie. This extra level of understanding can enable improvement, and when it comes to security even small changes can make a big difference.

Consider your dependencies

It’s clear that security is a vast network comprising many different aspects and as such, if not considered collectively, some areas can fall through the cracks.

All businesses have particular dependencies which shouldn’t be overlooked. Your own environment may be protected, but if data is shared with suppliers or partners, is it still secure? If a supplier or partner has a security breach, does that affect your operation?

When assessing security measures, it’s essential to go an extra layer deeper and consider how a range of factors could impact your organisation and its readiness to respond to an incident.

At MASS, our security experts consist of professionals with extensive experience in preventing security breaches and performing assessments in accordance with Ministry of Defence processes, so that we can ensure our security analysis meets and exceeds industry best practice.

Continue Reading

Call For Entries

Global Banking and Finance Review Awards Nominations 2020
2020 Global Banking & Finance Awards now open. Click Here

Latest Articles

The ultimate tech guide to remote working for the casual worker   4 The ultimate tech guide to remote working for the casual worker   5
Business1 day ago

The ultimate tech guide to remote working for the casual worker  

By Paul Routledge D-Link Country Manager Like many others, you may have grabbed your laptop in the middle of March...

Safeguarding international logistics arrangements during the coronavirus crisis 6 Safeguarding international logistics arrangements during the coronavirus crisis 7
Business1 day ago

Safeguarding international logistics arrangements during the coronavirus crisis

By Adam Ewart, CEO and Founder of Send My Bag It has certainly been a whirlwind couple of months. The coronavirus...

The Future of Finance Teams: Digitally Transformed 8 The Future of Finance Teams: Digitally Transformed 9
Top Stories1 day ago

The Future of Finance Teams: Digitally Transformed

By Simon Bull, Sales Operations & Business Development Manager at Aqilla Finance teams haven’t always been at the forefront of...

High-yield bonds will help, not hinder, businesses’ recovery 10 High-yield bonds will help, not hinder, businesses’ recovery 11
Finance1 day ago

High-yield bonds will help, not hinder, businesses’ recovery

By Jesse Chenard CEO of fintech MonetaGo, One of the best indicators of stock market growth is high-yield bonds. The junk...

A holistic view of organisational security 12 A holistic view of organisational security 13
Business1 day ago

A holistic view of organisational security

By James Ward, Senior Cyber Consultant at MASS The finance sector is typically more developed than others when it comes...

IDnow: Putting a new face on identity verification 14 IDnow: Putting a new face on identity verification 15
Technology1 day ago

IDnow: Putting a new face on identity verification

By Charlie Roberts, Head of Business Development UK&I at IDnow Munich headquartered IDnow is an identity verification provider which uses AI-based...

Finance leaders must act against increasing fraud 16 Finance leaders must act against increasing fraud 17
Finance1 day ago

Finance leaders must act against increasing fraud

By David Thorley, Director of Customer Development, FISCAL Technologies The COVID-19 pandemic has resulted in a whole host of increased...

NextGen Communications – the future of customer experience 18 NextGen Communications – the future of customer experience 19
Technology1 day ago

NextGen Communications – the future of customer experience

By Andrew Beatty, Head of Global Next Generation Banking at FIS As software development increasingly resembles push updates in services,...

The UK Property recovery has begun 20 The UK Property recovery has begun 21
Finance1 day ago

The UK Property recovery has begun

By Jamie Johnson is the CEO of FJP Investment, The UK property sector will be integral to the country’s economic...

The Derry Group launches new employee engagement and communications app 22 The Derry Group launches new employee engagement and communications app 23
Technology2 days ago

The Derry Group launches new employee engagement and communications app

The Derry Group, a one stop shop for the distribution, storage and order picking of chilled and frozen products has...