Jake Moore, ESET Security Specialist, discusses the reality of data profiling and the treasure trove of data which you could be holding on your clients and customers.
“When you go for a run, ask Siri a question or take a photo, ideally you’d like to think that no one else could possibly know this.
“However, it is virtually impossible for companies not to profile you unless you live without the internet in a cave.
“This data, however, is exactly what advertisers desire (not to mention hackers). This extremely personal information should be held with utmost security.
“Apple, for example, who have a site dedicated to show what information they hold on you is a great start when it comes to being open, but it will no doubt shock people with the vast amount of data on people and their lives.
“This data is without doubt a treasure trove to wannabe hackers and should be held correctly and encrypted.
“However, if the customer is able to view this data via logging in, the log in process should utilise two factor authentication by default or this will be a pointless exercise as people could be phished or social engineered into giving away access.”
With GDPR it’s never been more important to protect the data you hold on staff, clients and customers. That means all data! Payment information has an obviously value, but if passwords and secret answers are based on personal information the result of a hack could ultimately be financial loss either way.
Whether you’re looking to achieve compliance or just better protect your organisation, we are offering 20% off three of our excellent products as part of our GDPR Compliance Bundle.