Currently, we live connected. We access social media several times a day, read e-mails all the time, put our bank details on the web so we can make online purchases, among many other actions. All of them, regardless of the care we take, can bring risks to organizations. Basic precautions such as configuring antivirus or “getting away” from suspicious links are not enough in this age when our data is so exposed. And, never before as now, information has been so important for companies. Theft of confidential data can even sentence a business to its bankruptcy. For this reason, we have prepared an article with 5 tips to keep your databases secure!
People must have control over their personal data and must understand the legal framework of digital businesses. This is because, unfortunately, users’ personal data are often illegally captured, which can compromise their privacy. This whole scenario led to the creation of the General Data Protection Regulation (GDPR) for the European Union, which came into force in May 2018, and now Brazil is preparing to adjust to the new law, very similar to the one that already exists in the Europe. After more than eight years of debates in civil society, Law 13.709 / 2018, the Brazilian Data Protection Law, arrives. The legislation (LGPD) was enacted on August 14, 2018 and is expected to come into effect, definitely, this year. In today’s article, we will know the main points of this legislation.
The holder of the data is the person that the law aims to protect and is the carrier of “personal data that are subject to treatment”, so that legal entities of a collective nature are excluded from the scope of the new law: this law is exclusively to protect people.
The concept of data processing is very important in this legislation and is defined as “any operation carried out with personal data, such as collecting, producing, receiving, classifying, using, accessing, reproducing, transmitting, archiving, storage, disposal, evaluation or control of information, modification, communication, transfer, diffusion or extraction”. This context is very broad and applies to all data processing operations carried out by an individual or collective person, both in the public sector and in the private sector. In order for the law to apply, this data processing must be carried out in Brazilian territory. In the case of foreign citizens, personal data are subject to the new law when they are collected in Brazil and when their treatment is intended to provide goods or services in Brazil.
Citizens will be able to require companies to delete their personal data, whenever requested by users. The new regulation allows the personal data of each citizen to be destroyed at his request.
Citizens may require companies to send their personal data in a format that allows them to be sent to another company, facilitating their migration and making it simpler to change service provision. Whenever a citizen changes banks or a television service provider, he or she will not have to provide his/her personal data again, as they can be easily migrated from one company to another.
Citizens will have full information about how companies treat their data, how they store it, how long they store it and with whom they share their information. The new law applies to all activities involving the use of personal data, including treatment over the internet.
Businesses and organizations have a duty to notify the competent authority in situations which put individuals at risk and to communicate to the citizen concerned all high-risk violations as quickly as possible so that appropriate action can be taken. In case of data leaks, the company must inform the competent authority (National Data Protection Authority, an indirect public administration body linked to the Ministry of Justice), which will be responsible for monitoring, implementing and enforcing the law , within a “reasonable period”.
In case of data leakage or any other violation of the law, fines may reach 2% of the billing, with a limit of R $50 million, and may also imply the suspension of the company’s activities.
The Cloud is an option increasingly used by companies. However, there are still many doubts related to this technology, especially with regard to security. Cloud Computing is an IT solution that allows online use of computing resources, using the Internet. Uncomplicated: wherever you are, you can access your programs and files by simply having an Internet connection. With multiple users and multiple access points, it is essential to take some precautions in order to guarantee data privacy. In today’s article, we present 4 precautions you should take when storing data in the Cloud.
You certainly know Black Mirror, a series in which each episode tells us about the use we make of machines and the power we give them. Chatbots, virtual reality and drones are some of the topics covered in this series that make us think about our ethical values and their relationship with technology. Behind each episode, there are several messages to keep in mind, many of which are related to information security. For today’s article, we’ve selected 3 security lessons we learned from Black Mirror!
Although little is said about GDPR today, the law exists and it is mandatory to comply with it. There are many companies that have not yet prepared themselves to protect their data in accordance with the new legislation. The fines are quite high and it is unconscious not to be concerned with the information of your business, as the exposure of sensitive data can seriously compromise the organization’s survival. Therefore, we have prepared this article where we present you 4 measures for your company to adapt to the GDPR!
Dealing with sensitive data is not easy. Theft of data and its consequent exposure can lead a business to bankruptcy. More than ever, companies are concerned with the protection of their information, as they know that data is extremely valuable today. The threats to data security are immense, so it is essential to ensure that we do everything to protect our organization’s most sensitive data. We leave in today’s article 4 essential tips for dealing with sensitive data!
Data privacy remains a concern for companies in 2020. There are still many mistakes made in terms of security and this can cause serious problems for the organization. It is essential to protect data in the best possible way, otherwise it will be exposed or stolen by people outside the business. In today’s article, we selected 5 data privacy mistakes you can’t make in 2020!
Artificial intelligence can help many industries by simplifying processes and increasing performance. Sensitive data protection is an area in which artificial intelligence will have a significant impact. Today, the amount of information that is generated in a company is incalculable, so collecting and processing data has become a major job. Due to the increasing need to protect data, companies have begun to invest in technology to process data. In today’s article, we’ll see how artificial intelligence can help companies protect their sensitive data!
Information security relates to data protection and all actions we take to prevent our information from being exposed. In today’s age of technology, data is the most valuable asset of any organization and must be protected. Every day thousands of new data are generated that need to be processed and that need to be safeguarded. Information security has been the top concern of IT managers and by 2020 it will remain a priority for organizations. We have selected some essential information security concepts. Follow us throughout this article!
New Year, old worries! Information security will continue to be the main business concern in 2020. Attacks by hackers are increasingly sophisticated and unpredictable and the threats keep increasing. For this reason, data masking will increasingly be a solution sought by IT professionals. Data masking aims at creating a structurally identical but not equal version of the data. This technique creates a database with fictitious but realistic information that can be used for testing and training purposes. Data masking solutions offer a variety of sophisticated scrambling techniques to protect sensitive data, irreversibly replacing it with unrealistic data while maintaining referential integrity of the database. In today’s article, we will see how we can avoid exposing masked data!