Since the Notifiable Data Breaches scheme was introduced on February 22nd, data security has been a hot topic on many a business owner’s mind. Under the scheme, a serious breach of information can not only damage your business’ reputation but can also result in a whopping $1.8 million fine for corporations or a $360,000 fine for individuals. So when it was discovered that one of Australia’s leading banks lost nearly 19 million personal account details in an undisclosed data breach, we thought we’d take a look at what happened and what we would recommend be done to prevent it happening again.
According to the scheme, a data breach occurs when personally identifiable information is accessed, downloaded or viewed by an unauthorised person. This information includes things like financial data, stolen credit card details and confidential health records. If the data lost is deemed to cause serious harm – in the form of identity theft, financial loss or the endangering of physical safety, amongst others – the organisation in charge of the data is legally required to notify both the Office of the Australian Information Commissioner (OAIC) and all affected individuals within 30 days.
In the incident involving the leading bank, sensitive personal information – which included customer names, addresses, account numbers and transaction details – was lost when the historical backup records containing the information were found to have gone missing. An internal investigation was immediately commissioned and the OAIC was informed at the time, but both the bank and the OAIC were criticised for failing to notify customers of the potential data breach.
What would Essential Tech recommend be done?
While the situation with the leading bank was quite unique, Essential Tech recommends the following steps to prevent your business from being involved with a data breach. When it comes to making sure that both your and your customers’ data is secure, prevention is key. The first step in securing your information is requesting a security audit as a preventative measure to stop any data breaches from occurring. A security audit includes analysing how and why your company collects personal information, how you are storing that personal information, creating a plan to address privacy breaches and ensuring all staff are briefed on data breach prevention strategies.
Data protection strategies can also include ensuring your firewall and anti-virus are up to date, being vigilant against email spam and making sure you are protecting sensitive information, files and folders with encryption. If you’re not sure whether your business falls under the Notifiable Data Breaches scheme, make sure you click here for a full run-down.
Okay, so you really don’t want to end up with a data breach on your hands. Don’t worry, Essential Tech can help. We are a Brisbane-based IT Security Consultancy that offers the expertise to ensure your clients’ data is secure and you can operate with complete peace of mind.
A serious data breach is not only bad for business, as it may result in a loss of reputation amongst clients and potential investors, but can also cost you money. With over 50% of Australian small businesses unaware of how the Notifiable Data Breaches scheme will impact their business operations, ensuring your data is secure has never been more important. But do you want to know the best part? Essential Tech will be there to help every step of the way. All you have to do is click here.