Story image

Data protection is key to building customer trust

20 Nov 18

Australia has been an important site for digital development in the past decade. From the wide-ranging innovations to focus on digital innovation and transformation, it’s a core priority. During this time, there has also been a rapid increase in consumer digital data held by businesses making data security the topic of scrutiny among the public and policymakers alike. Maintaining a strong digital fortress is, therefore, the top imperative for businesses if they wish to sustain consumer trust. 

The public demand for data security is reflected in improving data regulations. This is a domain where Australia − thanks to our Notifiable Data Breach (NDB) legislation which came into effect in February this year − has a head start.

Other than our home-grown NDB regulations, Europe’s General Data Protection Regulation (GDPR) implementation in May 2018 has set a precedent that is likely to motivate other worldwide governments to further tighten the screws on privacy protection, for instance, by setting punitive financial penalties when companies mishandle customer data, demanding stricter internal risk management controls and putting into law compulsory requirements for data breach notification. 

In the global economy, these regulations will affect Australian businesses and the way they handle data – or reap the consequences if not done correctly. Staying informed on best-practice is essential to protecting your business, which is why we are currently touring the FortiExpress, a mobile threat intelligence lab, across regional centres in Australia, educating businesses across the country from Cairns to Geelong.

Steps to take for businesses to protect their data, and themselves

Security and the need to protect sensitive and confidential information is becoming a critical part of business operations and every business needs to be aware of major regional data privacy legislation and how it will apply to them. Non-compliance can be costly and lead to serious damages to their corporate reputation.

For Australian businesses who have yet to consider the tougher data regulations locally and overseas in regions like Europe, now is a good time to start with an information audit and to begin developing awareness. Crucially, they need to ask if they have the infrastructure, data management processes, and IT and cybersecurity technologies in place to protect their business environment.  Do they have a robust data protection framework that can detect and mitigate data breaches quickly and effectively? Do they have visibility deep into their infrastructure, and know where their data is, as well as who and what are accessing it?

Cybersecurity is central to compliance with data protection regulations. Organisations must ensure they have the capability to prevent network intrusion and minimise the risk of serious breach by reducing the time taken to detect new threats. They must also have effective and tested post-intrusion responses.

Opportunity to win customer trust and loyalty

With data protection becoming normalised in Australia and countries across the world, it’s likely that we will see a dramatic increase in efforts to achieve compliance and the risks associated with the failure to comply. The latest quarterly report on Notifiable Data Breaches notifications from the Office of the Australian Information Commissioner (OAIC) found they received 245 notifications, almost exactly the same figure as the quarter before. The consistency in data breaches means it is not a fad, bound to go away with time, but also that organisations are still not taking the necessary steps to strengthen their data protection.

For many businesses, customer confidence is already being influenced by their perceived risk of conducting transactions online, or whether their personal data is at risk of being compromised or stolen. Meeting or exceeding regulatory requirements will go a long way towards soothing those concerns. 

New data compliance rules also offer an opportunity for businesses to re-evaluate their processes and improve data management and customer loyalty. Updating company data regulations is also an opportunity to achieve competitive differentiation and a way to drive greater customer confidence and trust in their brands. And this goes beyond sending an updated terms and conditions email.

Article by Jon McGettigan, Senior Regional Director A/NZ, Fortinet

JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Securing hotel technology to protect customer information
Network security risks increase exponentially as hotels look to incorporate newer technologies to support a range of IoT devices, including smart door locks.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
WatchGuard appoints new channel distributors in A/NZ
The appointments will enable WatchGuard to expand its regional channel reseller footprint.
Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."
Palo Alto Networks integrates RedLock and VM-Series with AWS Security Hub
AWS Security Hub is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status.