Protecting Your Privacy Data
Due to the increase in destructive cyber-attacks, businesses are now actively preparing themselves for when an attack occurs. One of the major risks resulting from an attack is, business owned privacy data being published and sold on the Darknet. This kind of attack has the ability to destroy a business, regardless of its size.
So, are you prepared? Have you secured your privacy information? Do you have a data breach response plan in place? These are just some of the questions you should be asking your team.
The Australian government is now mandating that all businesses have a Data Breach Response plan in place by 22 February 2018. It is worth noting that you are not required to distribute a notification to those whose privacy information was compromised for all breaches of data. There are guidelines for protecting both the users and the businesses in different scenarios.
We can help you with translating the Notification of Data Breach Scheme requirements into an implemented security solution for your data. Some of the key areas we focus on are:
- Designing your application and network to minimise the privacy information that is stored in one location.
- Planning how the privacy information will be handled in your network (privacy by design)
- Improve how you detect a breach promptly
- Monitoring and being made aware of compromised corporate network credentials
With our strong focus on hybrid cloud and multi provider applications, we always work towards retaining a premium level of security in our client's deployed environments.
Our goal is to achieve security compliance through building up businesses cyber resilience. With our DevSecOps mindset we realise, to achieve premium resilience we need to understand and be aware of not only the application layers but also infrastructure, network integration, data management, and administrative policy layers associated with privacy data. Awareness beyond the application layer into the infrastructure and policing data layers is a strong requirement of deploying applications in today's cloud architectures.
In a cloud deployed application where the platform or infrastructure is owned and managed by a 3rd party, you must clearly understand your responsibilities of data breach notification. It is also required that the service agreement clearly states the following:
- Who is responsible for the Data Breach Notification plan?
- Who is responsible for making the notification?
- Who makes the decision on which data breaches are notifiable?
Please contact us by filling out the form below for more information and to book an appointment to discuss further. To get you started we can offer you a complimentary scan of the Darknet for compromised credentials within your domain.