Your customers’ concern is your concern and the evolution of cybercrime is simply not something that your business can afford to ignore. The European Commission published its Special Eurobarometer Report on Cyber Security in February 2015. The conclusions make for stark reading for business owners and managers. 75% of Irish respondents are concerned that their online personal information is not kept secure online.
All businesses need to demonstrate that they are active in preventing cyber attacks.
- Secure your hardware and encrypt your laptops – a simple example is using a Kensington lock to physically secure mobile devices;
- Mobile phones are the new portable office. Employees should not connect to work emails through unsecure Wifi networks on their smart tablets and phones – introduce usage policies and educate your staff;
- Warn employees on the danger of clicking on unknown links – employees should be educated on the danger of malware attacks;
- Ensure your network is encrypted, secure and password protected;
- Use strong passwords and don’t keep them in a folder on your network entitled ‘passwords’!
50% of users don’t take basic precautions such as changing their passwords every 12 months.
- Combat system vulnerability. Put up a strong firewall and use reliable anti-virus and anti-malware protection and keep it up to date.
33% of Irish internet users have discovered malicious software on their device. But only 51% have installed anti-virus software.
- Monitor your vendors. Where vendors have access to your company’s data, ensure those vendors are accessing it through a secure network and have suitable malware protection in place.
- Segment internal data access. Only give employees access to the data they require to carry out their specific job on a “need to know” basis.
As the complexity and frequency of cybercrime increases so does the threat posed to your company’s reputation. Furthermore, you are obliged under Data Protection Legislation to take appropriate security measures against unauthorised access to, or unauthorised alteration or disclosure of your employees’ and customers’ data.
If you don’t you could be liable for a fine of up to €250,000 or 10% of turnover whichever is greater. You could also face the administration and legal costs of dealing with a court order to forfeit or destroy any data material which is connected with the commission of the offence.
Contact Laura Daly or Ronan McGoldrick for more information.
This publication is for guidance purposes only. It does not constitute legal or professional advice. No liability is accepted by Ogier Leman for any action taken or not taken in reliance on the information set out in this publication. Professional or legal advice should be obtained before taking or refraining from any action as a result of the contents of this publication. Any and all information is subject to change.