How to overcome current information security challenges?
The digital age has brought numerous challenges due to the complexity of network relationships that current information systems provide. Today’s IT environments are exposed to several vulnerabilities, be it communication, storage or human error. Nowadays, it is essential to know how to deal with computer attacks and possible data exposure. Information security faces new and unexpected challenges every day. How to overcome them? That’s what we’ll find out in this article!
LGPD: What does the new Brazilian data protection law say?
People must have control over their personal data and must understand the legal framework of digital businesses. This is because, unfortunately, users’ personal data are often illegally captured, which can compromise their privacy. This whole scenario led to the creation of the General Data Protection Regulation (GDPR) for the European Union, which came into force in May 2018, and now Brazil is preparing to adjust to the new law, very similar to the one that already exists in the Europe. After more than eight years of debates in civil society, Law 13.709 / 2018, the Brazilian Data Protection Law, arrives. The legislation (LGPD) was enacted on August 14, 2018 and is expected to come into effect, definitely, this year. In today’s article, we will know the main points of this legislation.
Concepts of the new law
The holder of the data is the person that the law aims to protect and is the carrier of “personal data that are subject to treatment”, so that legal entities of a collective nature are excluded from the scope of the new law: this law is exclusively to protect people.
The concept of data processing is very important in this legislation and is defined as “any operation carried out with personal data, such as collecting, producing, receiving, classifying, using, accessing, reproducing, transmitting, archiving, storage, disposal, evaluation or control of information, modification, communication, transfer, diffusion or extraction”. This context is very broad and applies to all data processing operations carried out by an individual or collective person, both in the public sector and in the private sector. In order for the law to apply, this data processing must be carried out in Brazilian territory. In the case of foreign citizens, personal data are subject to the new law when they are collected in Brazil and when their treatment is intended to provide goods or services in Brazil.
What will change in practice?
Obligation to delete data when required by the user
Citizens will be able to require companies to delete their personal data, whenever requested by users. The new regulation allows the personal data of each citizen to be destroyed at his request.
Data portability
Citizens may require companies to send their personal data in a format that allows them to be sent to another company, facilitating their migration and making it simpler to change service provision. Whenever a citizen changes banks or a television service provider, he or she will not have to provide his/her personal data again, as they can be easily migrated from one company to another.
Need for express user authorization
Citizens will have full information about how companies treat their data, how they store it, how long they store it and with whom they share their information. The new law applies to all activities involving the use of personal data, including treatment over the internet.
Obligation to notify in case of violation of personal data
Businesses and organizations have a duty to notify the competent authority in situations which put individuals at risk and to communicate to the citizen concerned all high-risk violations as quickly as possible so that appropriate action can be taken. In case of data leaks, the company must inform the competent authority (National Data Protection Authority, an indirect public administration body linked to the Ministry of Justice), which will be responsible for monitoring, implementing and enforcing the law , within a “reasonable period”.
What happens in case of default?
In case of data leakage or any other violation of the law, fines may reach 2% of the billing, with a limit of R $50 million, and may also imply the suspension of the company’s activities.
4 steps to store data in the Cloud
The Cloud is an option increasingly used by companies. However, there are still many doubts related to this technology, especially with regard to security. Cloud Computing is an IT solution that allows online use of computing resources, using the Internet. Uncomplicated: wherever you are, you can access your programs and files by simply having an Internet connection. With multiple users and multiple access points, it is essential to take some precautions in order to guarantee data privacy. In today’s article, we present 4 precautions you should take when storing data in the Cloud.
3 Information Security Lessons We Learned From Black Mirror
You certainly know Black Mirror, a series in which each episode tells us about the use we make of machines and the power we give them. Chatbots, virtual reality and drones are some of the topics covered in this series that make us think about our ethical values and their relationship with technology. Behind each episode, there are several messages to keep in mind, many of which are related to information security. For today’s article, we’ve selected 3 security lessons we learned from Black Mirror!
The Essential Guide to Information Security
Information security relates to data protection and all actions we take to prevent our information from being exposed. In today’s age of technology, data is the most valuable asset of any organization and must be protected. Every day thousands of new data are generated that need to be processed and that need to be safeguarded. Information security has been the top concern of IT managers and by 2020 it will remain a priority for organizations. We have selected some essential information security concepts. Follow us throughout this article!
5 Information Security Tips for All Businesses
Nowadays, we use the Internet to do (almost) everything: shopping, watching movies and series, making bank transfers, checking important data, and much more. And if before we could only do all these things through a fixed computer, nowadays we can do all this through a smartphone or a tablet. This whole new world of possibilities has brought with it numerous computer threats, so information security has become a priority for organizations. Protecting against cyber attacks today is not a choice but a necessity, and the numbers are not misleading: about 60% of small and medium-sized businesses do not reopen after suffering a cyber attack. Therefore, it is essential that companies protect themselves properly. In today’s article, we leave you 5 days of information security so you can apply it to your business!
GDPR: What has changed throughout its implementation?
Much has been said about the GDPR in 2018. The new regulation came into force in May last year and thousands of news related to the law came out. A year and a half after its arrival, few people talk about this legislation that promised to drastically change the way companies relate to their customers and business partners. We are currently experiencing a “non-reaction” phase to the GDPR, which could compromise data security and could result in huge fines for non-compliant. We will understand in this article what is the state of play regarding the General Data Protection Regulation!
Meet the new data protection laws in the world
Today’s world is digital, so more and more companies are taking advantage of information and big data to gain relevant insights into markets and the business itself. Internet access is nowadays universal and the massive use of social media captures a huge volume of data. Data privacy is one of the key challenges facing companies today. There is a growing collection of user data, and more and more computer attacks that expose private data and cause huge financial losses to businesses. To combat these threats and to ensure that sensitive information remains private, several countries and regions have begun to implement measures to punish organizations that don’t safeguard information security. In today’s article, we will learn about the new data protection laws in the world!
5 Data Security Measures to Apply in E-Commerce
Data security is very important in an online store and it is what defines if your company is trustworthy to make a purchase. Increasingly, customer information is valuable, so it is critical to ensure that customer information is not lost or misplaced. In today’s article, we present 5 data security measures to apply to e-commerce!
5 fatal errors in protecting your information
To make mistakes and Private Data are two concepts that cannot go hand in hand. Data loss or exposure can completely compromise the viability of a business, so it is increasingly essential that companies properly protect their information. In today’s article, we present 5 fatal errors in protecting your information!
