Data Security in UK. What should Startups and SMEs and do?
What is Data Security? Data Security is a critical element for businesses as they need to excel in protecting data, such as their database, from hacking, destructive forces and from the unwanted actions of unauthorized users. UK one of the most advanced economies is conscious of this and there are lot of things companies need.
Key threats to data security:
- Lack of attention by employees of a company to their use of company platforms.
- Data lost or damaged during a system crash – especially one affecting the hard disk.
- Data corrupted as a result of faulty disks, disk drives, or power failures.
- Data lost by accidentally deleting or overwriting files.
- Data lost or become corrupted by computer viruses.
- Data hacked into by unauthorised users and deleted or altered.
- Data destroyed by natural disasters, acts of terrorism, or war.
- Data deleted or altered by employees wishing to make money or take revenge on their employer.
Data protection principles:
SMEs and Startups can do much more to protect their data and work in security. Some principles to use. Please find the Data Protection Act that lists the data protection principles in the following terms:
- Personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless –(a) at least one of the conditions in Schedule 2 is met, and(b) in the case of sensitive personal data, at least one of the conditions in Schedule 3 is also met.
- Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.
- Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
- Personal data shall be accurate and, where necessary, kept up to date.
- Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
- Personal data shall be processed in accordance with the rights of data subjects under this Act.
- Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
- Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
MPs and UK plc focus on customers’ data security in debate with UK Information Commissioner!
Data security is about keeping data safe and politicians are starting to be aware of it. Many individuals, small businesses and major companies rely heavily on their computer systems. If the data on these computer systems is damaged, lost, or stolen, it can lead to disaster.
UK organisations must adhere to clearer standards when it comes to the collection, protection and use of customer data, according to MPs and business leaders attending a meeting of the All Party Parliamentary Group on Customer Service (APPG).
Arranged as part of the APPG’s efforts to raise customer service standards in the UK, attendees focused on what needs to be done to ensure consumer trust in UK organisations can be maintained. Attendees heard from the Information Commissioner, Christopher Graham, and senior executives from organisations spanning the private and public sector.
The APPG meeting, for which the Institute of Customer Service provides secretariat support, highlighted a number of high-profile security failures which have raised customer concerns over the security of their data and outlined research published by the Institute of Customer Service (@instituteofcs) which suggests that 43 percent are concerned about cyber attacks. Attendees also learned that many consumers want Government to take action as ‘big data’ continues to grow, with 84 percent wanting the Government to impose fines on organisations lacking sufficient safeguards and 86 percent wanting a review of data protection legislation.
Christopher Graham, the Information Commissioner, said: “The responsible use of Big Data can enhance the customer experience – but getting things wrong can really annoy customers and trash brands in the procession. So there are threats as well as opportunities. Getting data protection right is key to the delivery of innovative services in the public sector too. The key point for all organisations to remember is that customers’ personal data is just that – the customer’s, not yours to do what you like with.”
Jo Causon, CEO of the Institute of Customer Service, said: “Acceptance of the inevitability of cyber attacks may be a reality and this places the onus on organisations to outline what plans are in place to secure their customers’ data. They also need to be transparent in the event of a breach and clear about how they will respond if cyber defences are broken.
“The fact is that a customer’s experience is determined not just by performance when things go well, but the promise of performance when things go wrong. That’s why the organisations best able to deliver a strong, reassuring and detailed outline of their cyber strategy and demonstrate its execution will set themselves apart from their competitors and go a long way to securing the loyalty of customers in the long-term.”
Notes from the All-Party Parliamentary Group on Customer Service will shortly be made available via www.instituteofcustoemrservice.com.