€20,000,000 or 4%? – GDPR
You knew it was coming, and while initially, you may have been in denial, you can’t ignore it anymore. The General Data Protection Regulation (GDPR) is going into effect on May 25, 2018, whether you’re ready or not.
Because the Internet has changed how we work, use, store, and share data, regulations needed to change too. Since it’s a directive, EU members have the flexibility to implement it how they deem appropriate. This resulted in varying approaches to data protection across Europe. If you’re not taking action to secure your data, you could be leaving your organization wide open for heavy penalties.
9 out of 10 businesses aren’t ready.
But only if you’re not handling it. You are handling it, right?
Or is your company part of the 92% who isn’t ready according to a recent GSM survey of 400 European executives and managers.
Not complying with GDPR post implementation in May, will result in massive financial implications for European organizations and global companies who are active in Europe. GDPR is being implemented to help protect European citizens from a range of potentially abusive, manipulative and unsafe uses of their data, which means organizations will need to review and update their processes, systems, and even their thinking.
First, let’s dig into the most important things you need to know about GDPR:
- Your data is no longer just an asset to your business but also a potential liability
The goal of these new regulations is to drive an all-encompassing approach towards managing personal data. With GDPR, online personal identifiers like IP addresses and smartphone identity will be considered personal data. Ultimately, we could also see significantly more penalties for personal data breaches.
- If you have a breach, you have only 72 hours to report it to officials and all affected customers
It will be mandatory to notify officials and anyone affected by personal data breaches within three days of learning about it. Worse, if it’s considered high-risk, such as breach of non-encrypted data, the people affected by the breach must be notified immediately.
- Set up your IT network to handle future vulnerabilities today
Quick fixes and reactive solutions can hurt your business in the long run. You’ll need to take a proactive long-term approach to protect your company’s systems. Performing a continued risk assessment of network vulnerabilities and implementing the right technology can help. Companies will need to take technical measures to keep personal data secure, especially with the possibility of facing strict penalties—to the tune of fines reaching up to €20 million, or 4% of global revenues, whichever is higher.
GDPR isn’t just a technology problem; it’s a people and security problem.
Companies can install all the latest Internet security infrastructure and hire the best cybersecurity consultants in the world. But at the end of the day, people need to understand how their actions could unintentionally lead to a personal data breach. As organizations pivot their focus to preventative measures involving their employees and less on expensive infrastructure, they’re thinking about other ways they can help avoid the inadvertent cybersecurity breach—which will damage a company’s reputation and bottom line. Security departments are learning to act proactively and implement new tools to reduce their risk.
Employees are your first and last line of defense in guarding your business and your customers’ personal data. When an employee accidentally forgets to lock a laptop, they could be leaving information wide-open for an insider breach.
According to the annual report “State of the Dutch Data Centers 2017 – Room for Growth” published by The Dutch Datacenter Association (DDA), the total Dutch multi-tenant data center market grew by 15% in 2016, resulting in 283.000m2 of data center floor space. And data centers only continue to grow. The same report details another expansion of 180.000m2 of data floor space in coming year happening in Netherlands alone.
The access control industry is experiencing explosive growth in the next 5 years.
Thanks to GDPR and growing security concerns globally, access control technology is becoming more popular out of necessity. In 2016, this market was valued at $6.39 Billion USD, and is expected to reach $10.03 Billion USD by 2023 according to the new market research report, the “Access Control Market by Component (Hardware (Card-Based Readers, Biometric Readers, Electronic Locks, Controllers, and Others) and Software), Service (Installation, Maintenance, and ACaaS), Vertical, and Geography – Global Forecast to 2023.”
As innovators, we’ve developed technology that automates security protocols such as locking workstations automatically based on proximity rather than timeouts. This technology also allows IT administrators access to user-friendly software to use 2-factor authentication methods for added protection.
The careless employee might seem harmless at first, but not if they’re choosing weak passwords or habitually leaving computers unattended. This is the primary reason why we developed GateKeeper Enterprise. It adds an extra layer of military-grade protection between employee and computer and gives IT security managers and CTOs one less thing to keep them staring at the ceiling at night as GDPR take effect.
When you add security between people and your systems with GateKeeper, here’s what happens:
- A wireless key stays with the user and becomes the authenticator, automatically locking the computer when they walk away.
- When the wireless key is in range, the software authenticates and logs the user on.
- Ability to set multiple login options like Auto-Unlock, Touch-to-Unlock, and 2-Factor Authentication to set the right level of security for your business’ day-to-day needs.
- User-friendly audit logs of who accesses which computer when and where.
- Real-time reporting to provide the data needed to report a breach within 72 hours.
- Administrators can control which user can access which computer.
When the thought of making headlines for the next huge personal data breach starts giving you indigestion, it might be time to try something other than implementing 12-character passwords and wasting money on expensive cybersecurity consultants.
Do you have a question about how GDPR will affect your business or have questions about your company’s security? Let’s chat.