With new EU data protection regulations recently approved by the European Council, security firm OPSWAT warns that EU businesses need to be prepared to meet stronger data security requirements or face tough sanctions.
With revisions to the EU data protection regulations drawing closer, EU businesses need to step up their data security measures. The proposed changes, which will be finalised later this year, mean that sanctions for non-compliance will be significantly increased. Businesses found to be non-compliant could be hit with fines of up to one million EUR or two percent of annual worldwide turnover (whichever is greater).
Considering that unsafe methods such as FTP and email are still widely used for transferring sensitive data, it is important for companies to revise their data security policies and implement a secure file transfer system before being hit by damaging data breaches and hefty fines.
“Using FTP for file transfers is unreliable, not secure, and offers no audit trail. Email can easily be intercepted, which means that any confidential information sent through unencrypted email is at risk of being exposed,” said George Prichici, Manager at OPSWAT.
To minimise the risk of data loss, George has the following recommendations for safely exchanging sensitive data:
Companies need to implement a secure file transfer system that allows users to send and receive files securely, utilising encryption and authentication.
Sensitive files need to be removed from the system as soon as they are no longer needed, preferably automatically after a specified number of days or downloads.
Companies must have a cyber security policy in place and provide training to make sure employees understand how to safely handle sensitive data.