Author: In partnership with Ozone IT Solutions
17 September 2020
Unpacking the challenges of compliance and regulation within business security
In 2018, the General Data Protection Regulation (GDPR) became an enforced regulation in Europe that would have a long reaching impact on organisations globally.
In South Africa, 2021 marks the date when the long-suffering Protection of Personal Information Act (POPIA) will finally be enforced.
Organisations that have not spent time focusing on how to become compliant are facing a run to the end.
The marathon has ended, now it’s a sprint to the finish where security, compliance, information and data have to be wrapped into a neat little ball that’s padlocked tightly shut against risk.
The problem is finding solutions that manage security across the multiple layers of remote workers, in-house employees, and the business.
Solutions that can scale and adapt alongside the organisation
This has been a real challenge throughout 2020 as most companies have been shoved into remote working and have spent the majority of the year trying to figure out how to manage their remote workforces with a measure of efficiency.
Unfortunately, this priority has seen some companies miss unexpected holes in their security as remote working introduced vulnerabilities and risks that they didn’t anticipate or plan for.
Employees were equally at sea. Many had never considered the idea of working from home and were now trying to figure out how to do business from the kitchen.
Security, understandably, slipped to the side and poor password management, weak overall security, and limited investment into reliable solutions opened doors that should have remained firmly closed.
This is evidenced by the rising tide of security breaches and hacks that have left many companies reeling – phishing, hacking, ransomware, and data leaks have become as common in the news headlines as the pandemic itself.
Fortunately, where technology takes away, it also gives. Yes, it may be the very tool that cracks open the doors to business systems and puts ransomware onto delicate information – but it is also the tool that can be used to mitigate the risk and manage both employee and security properly.
Detecting vulnerabilities before hackers do
Using solutions such as GFI Languard, the business can run a comprehensive security audit that will reveal where the vulnerabilities lie.
Also providing up-to-date patch management, this solution is capable of detecting vulnerabilities before the hackers do.
Designed to find more than 60,000 known vulnerabilities, the tech has the laser beam focus that the business needs to ensure its systems are locked down and compliant without having to invest into new staff, new infrastructure, and new systems.
Another solution that’s seen significant traction in the South African market, particularly in the financial sector, is Nuix.
This software is designed to manage digital forensic audits in organisations that have experienced a hack or that want to ensure that they are not at risk and their systems are clean.
Nuix has a selection of products that can work individually, or together, to dig deep into business systems and ensure that data is secured properly.
It has been used to help companies segregate and separate data when they sell subsidiaries, and it has been used to ensure that any intellectual property and information is wrapped tightly within the right security blankets.
Cleverly persistent, the Nuix platform can search through terabytes of data and unstructured records to match data to system and business.
It’s also a solid tool for embedding POPIA compliance within the organisation on a granular level.
Another product, MOVEit, provides secure collaboration and automated file transfers of sensitive data and advanced workflow automation capabilities without the need for scripting.
Encryption and activity tracking enable compliance with regulations such as PCI, HIPAA, POPI, and GDPR.
These solutions are just some of the options on the business table to help companies stay on the right side of privacy laws while remaining protected and aligned with data protection standards.
They are easy to implement and manage and come without the complexity that so often dog security and compliance.
The original article can be viewed here:
More information on Ozone: