Cloud computing, GDPR and social engineering have been ranked in the top 10 emerging risks for organisations by Gartner, the world’s leading research and advisory company.
Every quarter, Gartner surveys senior risk executives at leading organisations to identify the top risks to their company. In the latest report, Q2 2018, cloud computing was identified as the number one emerging threat.
The risk concern is either “that there is unauthorised access to sensitive or restricted information, or the cloud provider is unable to provide access to information as a result of disruption to their own operations”[1].
Organisations need to stay informed with regards security and data privacy. Giving thought to where they store their data is paramount to mitigate risk. Under GDPR organisations are now forced to be more transparent with the sensitive data they hold and are required to document how they process personal data in particular. The stability and security of cloud computing has to be questioned. If data is stored on the cloud its exact location and how it is managed is unclear.
It’s the responsibility of organisations themselves to stay informed and make effective decisions such as where they store their data and to ensure their security strategies are in place and up to date.
The on-demand, shared nature of the cloud introduces the possibility of security breaches. Cloud service providers share infrastructure, platforms, and applications, and if a vulnerability arises at any level, it can affect everyone. It is for this reason Bonafidee chooses not to use cloud computing services.
Bonafidee owns and manages their own dedicated infrastructure in IL3/4 rated data centres in the UK. There is no replication of data worldwide. Data is rigorously protected from threats and vulnerabilities all the time, 24 hours a day, 365 days a year.
Andrew Smith, Information and Security Officer for Bonafidee says “Bonafidee is seriously committed to ensuring their clients data is safe and secure. Our Information Security Management System (ISMS) is maintained by a dedicated team of highly skilled professionals to protect our customers’ sensitive data with the highest levels of security – guaranteeing UK data Sovereignty. In our compliance with ISO 27001, our database and information infrastructure is rigorously tested and we are continually improving our knowledge, controls and measures to manage any potential threats. We choose to store all data on our own managed and dedicated infrastructure in IL3/4 rated data centres in the UK so we can be certain where our data is geographically and exactly who has access to it. We take these precautions to ensure that Bonafidee can offer its clients secure data protection”.
Gartner also identified GDPR and social engineering in its report as two fast-moving threats that can cause damage to an organisation. A specific breach of compliance under GDPR could lead to significant fines. The guidelines for disclosing cyberbreaches have become more clearly enforced.
Bonafidee can help organisations achieve greater GDPR compliance. Bonafidee’s global digital engagement platform gives organisations a competitive edge and mitigates the risks of identity theft and online fraud. Under GDPR’s “right to be forgotten” Bonafidee will not only keep data safe but will delete it if instructed to, fulfilling an important obligation. Bonafidee’s advanced e-forms enables organisations to capture the data in the first instance and be completely in control of capturing consent. This results in a tamper evident audit trail to provide legally enforceable evidence and supports GDPR compliance.
Putting security steps in place is vital for organisations and is a company-wide responsibility. Threats are constantly evolving so keeping up with advancing technology is vital. With the right steps in place organisations can meet their legal and regulatory obligations, combat fraud and at the same time deliver efficiencies and cost savings.
To read the full report click here.
