‘More Than Half’ of UK Businesses have STILL not addressed GDPR
It has now been over four months since the General Data Protection Regulation (GDPR) came into force on May 25th, unifying the different levels of data protection across the EU and tackling the issue of exporting data outside the EU. With its main focus being to prevent the collection of unnecessary data on individuals (and to protect what data is collected and maintain the subjects’ rights to privacy), much was made at the time of the impact this would have on business, and many man-hours were spent on ensuring that enterprises across the EU were compliant with the new rules.
So what has the impact been, in real terms? At the time there were many horror stories and concerns being raised about the unintended harmful effects that GDPR could have on small businesses. The fear was that as they have smaller IT resources, small businesses would find it harder to ensure they were compliant in time, and that they would therefore be disproportionately likely to face fines, and also disproportionately affected by the amounts of money involved.
Well, the good news is that so far there haven’t been any massive issues. The bigger social media players like Facebook and Google saw the inevitable complaints being sent to the EU Commission, but other than that things appear to be moving smoothly.
Whether this will remain the case, though, is hard to tell. In the run-up to the GDPR’s coming into force, IT security firm ESET surveyed over 27,000 companies, and found that more than half of them hadn’t performed an internal audit to see whether they were compliant.
Fortunately, and presumably anticipating this very state of affairs, Data Protection Regulators have shown leniency so far in order to give people time to catch up, but it seems likely that this state of affairs will be subject to change as time goes on. So the lesson is that while it’s still not too late to ensure that you are compliant with the new regulation, it may very well be soon.
Brexit, of course, makes no difference to compliance. GDPR came into effect before the UK leaves the European Union, which means that UK businesses needed to prove their GDPR compliance before, on and after the 25th of May. In addition, the GDPR rules apply to ANY business that handles personally identifiable information of EU citizens, regardless of where they are located.
If your company is one of the many thousands who have yet to address GDPR, contact 39 Degress today by calling 01279 800039 and speak directly to a data security expert about your requirements in further detail. Alternatively, fill in our online contact form and visit our website here.
Facebook Security Breach:
On Tuesday 25th September 2018, Facebook was the victim of a cyber-attack, which has affected over 30 million Facebook users. This attack is the worst security breach that Facebook has been the victim of, with the hackers successfully accessing the personal data of 29 million Facebook accounts.
Facebook has launched an investigation into this cyber-attack, after discovering that the attackers had obtained tokens from the system, which allow them to request certain information from the platform.
The hackers have accessed a range of information from these users, including their personal information and contact details. For around 15 million users, the attackers obtained their usernames and contact details, and this includes their phone numbers and email addresses.
For the other 14 million Facebook accounts, the hackers accessed the above information, as well as their gender, language, relationship status, religion, hometown, current city, birthdate, education and more.
Facebook users can check whether they have been affected by the attack by visiting Facebook’s Help Centre. Victims should also have received a message from Facebook itself, informing them whether they are 1 of the 30 million, and explaining which information may have been accessed.
Cyber Security for your business
Here at 39 Degress, we believe that cyber security is paramount for running a business. If large organisations are vulnerable to security breaches, it’s important that you are protected from cybercrime.
With our Cyber Security services, we’ll help protect your business against the latest ransomware, malware, hackers and other threats, and ensure that you avoid becoming the victim of cybercrime. Ghost will also ensure that your business-critical data is secure and that your business complies with ISO27001 and GDPR regulations.
Our Cyber Security services include pen testing, anti-virus and anti-malware, 2-factor authentication, email security and even Certified Cyber Security training for your workforce. To find out more about how Ghost can help improve your cyber security capabilities, call our team today on 01279 800039 and speak directly with one of our experts, who can help you prevent a cybercrime from occurring. You can also find out more by visiting our Managed Cyber Security services page.