Despite the tightening regulatory framework of General Data Protection Regulation (GDPR) in Europe and Notifiable Data Breach (NBD) legislation over here, gaping holes are prevalent in data protection and security management practices across the country. The latest quarterly mandatory data breach report by the Office of the Australian Information Commissioner (OAIC), suggests that mobile security practices still have some way to go before they are ingrained in the employee mindset.
In fact, according to the OAIC, in the last three months of the fiscal year, businesses in Australia created around 81 breaches per month. Over the quarter, more than one million records were compromised, and human error accounted for more than one third (36%) of all breaches. On mobile, it’s all too common for employees to disregard data protection safeguards and take short cuts to stay connected.
Devastating consequences of poor data protection
A data breach can be both devastating for your customers and employees, and costly for your organisation. With the NDB legislation, failing to report an eligible breach comes with penalties of up to $360,000 for individuals and $1.8 million for organisations. But, that’s just the start. Once data security has been breached, you may be subject to legal action from the customers or employees whose data was affected.
Operationally, you need to assign significant resources to getting to the root of the problem. So, along with reporting data breaches to the OAIC, you need to account for:
- Managing associated operational delays
- Undertaking data breach investigations
- Performing remediation activities, and
- Employing legal counsel.
In addition, the reputational damage to your brand from a data breach can be significant, and it’s highly likely that the fallout will include the loss of customer, employee, and investor confidence. Research by Deloitte suggests that the major impacts of a data breach continue to be felt two years after an event.
It may be cold comfort, but, the only way to avoid the fallout of a data breach is to prevent a breach happening in the first place.
Mitigating actions to reduce risk
In fact, at a time when it’s never been more important to ensure data protection, the threat of your data being compromised is ever more present as the number of employees joining the mobile workforce continues to grow. Not surprisingly, senior decision makers are increasingly concerned about data protection and security risks associated with mobile workers. Yet, despite the risks, companies are failing to take appropriate action to manage mobile devices and people securely.
For example, the use of free public Wi-Fi continues to pose a significant mobile security threat for many enterprises. However, according to Verizon’s Mobile Security Index 2018 over half (51%) of respondents said their organisation doesn’t have a policy regarding public Wi-Fi. Its use was neither officially sanctioned nor prohibited. Of these respondents, over half of them (55%) said they don’t always encrypt sensitive data when it’s transmitted across open, public networks, putting their data at considerable risk.
If your organisation has similar gaps in data protection practices, it’s essential to put tighter controls in place.
Establishing strong data protection controls
As a senior leader, your challenge is to strike that fine balance between keeping your data secure in line with your legal obligations to protect it, while not impinging on the productivity of your mobile workforce.
You can do this using technologies, processes and best practices from imei. With our complete enterprise mobile security solution, you can secure your information and manage the risk of data loss across the thousands of devices in your mobile fleet. Our solution meets compliance standards, triggers authorisation and authentication checks, and includes tools for logging and sandboxing information, leaving your people free to conduct business on the go, while giving you comprehensive data protection control.
Remember, the only way you can avoid the fallout of a data breach is to prevent it happening in the first place. Contact us to find out more on how you can mitigate your data security risk.
Assess your risk
Don’t become another statistic in OAIC’s next quarterly report. Use our data risk calculator to assess data risk in your organisation and identify potential issues before they become costly problems.