TECH & SERVICE PROVIDERS
business that will be at risk if the data is breached or lost ”, according to Bindley .
“ Having clarity over what data is held and where it sits in terms of its sovereignty and residency is vital , so staff and customers can be assured their data is in safe hands .
Despite its importance , keeping track of data within these different sites often falls to the wayside for SMEs , as they don ’ t employ a Data Control Officer who can take responsibility for it , meaning no staff member or division feels accountable for keeping data secure ,” he said .
The risks of not keeping track If there was a breach , Bindley said it ’ s wise to know who is responsible for the security of the compromised data : “ The Information Commissioner ’ s Office ( ICO ) will come down much harder if the correct measures are not in place , so businesses must be able to demonstrate they have done all they can ”.
In 2020 , British Airways was fined after users of its website were directed to a fraudulent site , where hackers were able to harvest the personal data of around 400,000 people , including login and travel booking details , names , addresses and credit card information .
“ The ICO issued a fine of £ 20mn - the largest fine under GDPR to date , as it found that the hack was the result of BA ’ s negligence . Not only did this have a huge financial consequence for the company , which was already suffering financially under lockdown rules , it caused a catastrophic blow to its reputation .
If you avoid thinking about your business ’ s data protection , either because you don ’ t understand how to take the first step or feel it ’ s not your responsibility , and then something goes wrong , there could be business-ending consequences ,” said Bindley . s around a critical siontechnologymagazine . com 129