How to overcome current information security challenges?
The digital age has brought numerous challenges due to the complexity of network relationships that current information systems provide. Today’s IT environments are exposed to several vulnerabilities, be it communication, storage or human error. Nowadays, it is essential to know how to deal with computer attacks and possible data exposure. Information security faces new and unexpected challenges every day. How to overcome them? That’s what we’ll find out in this article!
5 Tips for keeping your databases secure
Currently, we live connected. We access social media several times a day, read e-mails all the time, put our bank details on the web so we can make online purchases, among many other actions. All of them, regardless of the care we take, can bring risks to organizations. Basic precautions such as configuring antivirus or “getting away” from suspicious links are not enough in this age when our data is so exposed. And, never before as now, information has been so important for companies. Theft of confidential data can even sentence a business to its bankruptcy. For this reason, we have prepared an article with 5 tips to keep your databases secure!
LGPD: What does the new Brazilian data protection law say?
People must have control over their personal data and must understand the legal framework of digital businesses. This is because, unfortunately, users’ personal data are often illegally captured, which can compromise their privacy. This whole scenario led to the creation of the General Data Protection Regulation (GDPR) for the European Union, which came into force in May 2018, and now Brazil is preparing to adjust to the new law, very similar to the one that already exists in the Europe. After more than eight years of debates in civil society, Law 13.709 / 2018, the Brazilian Data Protection Law, arrives. The legislation (LGPD) was enacted on August 14, 2018 and is expected to come into effect, definitely, this year. In today’s article, we will know the main points of this legislation.
Concepts of the new law
The holder of the data is the person that the law aims to protect and is the carrier of “personal data that are subject to treatment”, so that legal entities of a collective nature are excluded from the scope of the new law: this law is exclusively to protect people.
The concept of data processing is very important in this legislation and is defined as “any operation carried out with personal data, such as collecting, producing, receiving, classifying, using, accessing, reproducing, transmitting, archiving, storage, disposal, evaluation or control of information, modification, communication, transfer, diffusion or extraction”. This context is very broad and applies to all data processing operations carried out by an individual or collective person, both in the public sector and in the private sector. In order for the law to apply, this data processing must be carried out in Brazilian territory. In the case of foreign citizens, personal data are subject to the new law when they are collected in Brazil and when their treatment is intended to provide goods or services in Brazil.
What will change in practice?
Obligation to delete data when required by the user
Citizens will be able to require companies to delete their personal data, whenever requested by users. The new regulation allows the personal data of each citizen to be destroyed at his request.
Data portability
Citizens may require companies to send their personal data in a format that allows them to be sent to another company, facilitating their migration and making it simpler to change service provision. Whenever a citizen changes banks or a television service provider, he or she will not have to provide his/her personal data again, as they can be easily migrated from one company to another.
Need for express user authorization
Citizens will have full information about how companies treat their data, how they store it, how long they store it and with whom they share their information. The new law applies to all activities involving the use of personal data, including treatment over the internet.
Obligation to notify in case of violation of personal data
Businesses and organizations have a duty to notify the competent authority in situations which put individuals at risk and to communicate to the citizen concerned all high-risk violations as quickly as possible so that appropriate action can be taken. In case of data leaks, the company must inform the competent authority (National Data Protection Authority, an indirect public administration body linked to the Ministry of Justice), which will be responsible for monitoring, implementing and enforcing the law , within a “reasonable period”.
What happens in case of default?
In case of data leakage or any other violation of the law, fines may reach 2% of the billing, with a limit of R $50 million, and may also imply the suspension of the company’s activities.
3 Information Security Lessons We Learned From Black Mirror
You certainly know Black Mirror, a series in which each episode tells us about the use we make of machines and the power we give them. Chatbots, virtual reality and drones are some of the topics covered in this series that make us think about our ethical values and their relationship with technology. Behind each episode, there are several messages to keep in mind, many of which are related to information security. For today’s article, we’ve selected 3 security lessons we learned from Black Mirror!
4 essential tips for dealing with sensitive data
Dealing with sensitive data is not easy. Theft of data and its consequent exposure can lead a business to bankruptcy. More than ever, companies are concerned with the protection of their information, as they know that data is extremely valuable today. The threats to data security are immense, so it is essential to ensure that we do everything to protect our organization’s most sensitive data. We leave in today’s article 4 essential tips for dealing with sensitive data!
The Advantages of Masking Your Data with Datapeers
Protecting data is essential, especially the most sensitive data. No business wants to see its data exposed, as such a situation can lead a business to bankruptcy. More than ever, companies are concerned about the security of their information as a result of the growing importance that data has gained in recent years. One of the most effective ways to protect confidential information is through data masking. Data masking aims at creating a structurally identical but not equal version of the data. This technique creates a database with fictitious but realistic information that can be used for testing and training purposes. Data masking solutions offer a variety of sophisticated scrambling techniques to protect sensitive data, irreversibly replacing it with unrealistic data while maintaining referential integrity of the database. It is therefore a real and growing need in contemporary organizations. In today’s article, we present the advantages of masking your data with Datapeers!
5 Fatal Mistakes for the Security of Any Business
Information security in companies is an increasingly debated topic. Companies need to protect themselves to ensure their data is not lost in the event of a computer attack or natural disaster. Although there is growing concern about this topic, many companies still make mistakes that can totally compromise business continuity. In today’s article we present the 5 fatal errors for the security of any business!
Meet the new data protection laws in the world
Today’s world is digital, so more and more companies are taking advantage of information and big data to gain relevant insights into markets and the business itself. Internet access is nowadays universal and the massive use of social media captures a huge volume of data. Data privacy is one of the key challenges facing companies today. There is a growing collection of user data, and more and more computer attacks that expose private data and cause huge financial losses to businesses. To combat these threats and to ensure that sensitive information remains private, several countries and regions have begun to implement measures to punish organizations that don’t safeguard information security. In today’s article, we will learn about the new data protection laws in the world!
Understand the difference between data security and privacy
Data security and privacy are two concepts that go hand in hand. Many people confuse the concepts and think they are the same thing. However, while they have the common goal of protecting sensitive data, data security and privacy are not the same thing and have different approaches to achieving the goal they share. In today’s article, we will understand the differences between these two concepts and understand how we can keep data private and secure!
What to do to avoid digital pitfalls?
There is more and more news of digital attacks and data loss. Hackers are stronger than ever and investing in digital security is essential. The evolution of the internet has altered society’s spending habits, so thousands of monetary transactions are now being made every minute of passing. Brands build their heritage based on digital data and information, and it is critical that this data is safe and secure. In today’s article, we leave you some tips to avoid digital pitfalls!
