Data Protection Day: Enforcing critical security measures in the world of remote working

Today, on Data Protection Day 2021, we hear from a number of experts in IT and cybersecurity, who offer their commentary on the best ways to maintain data protection and privacy, IT team training and education around protecting customer data, and the impact the rapid shift to remote work operations has had on keeping sensitive data secure.


With the masses of personal data we entrust in companies, organisations in every industry must make sure they have the right security practices in place to ensure employee, partner and customer data is safe, secure and difficult to be hacked and sold on. Data Protection Day holds even more importance this year with the widespread transition to remote working, presenting new challenges around data protection.


Understanding compliance

According to Martin Taylor, Deputy CEO and co-founder at Content Guru, remote working and the use of video has presented new data protection challenges: “In a recent report, research firm MarketsandMarkets estimates that the enterprise video market will grow from $16.4bn in 2020 to $25.6bn by 2025, but points to limited interoperability of different enterprise video solutions as a key challenge facing organisations. This is particularly poignant for organisations in heavily regulated industries, such as financial services, where firms are now faced with the data protection implications of collaboration application sprawl. Disjointed, ‘swivel chair’ compliance is becoming increasingly impractical, given the diversity of tools now in use.”  

Martin highlights, “Unified solutions may allow firms to develop cost-effective, enterprise-wide compliance and data management policies that eliminate the problems associated with old-style disjointed methodologies. Not only does universal search give compliance officers complete visibility, but it also helps maintain effective standards across all stakeholders. Whatever the year ahead brings, we can be sure these core technologies will play a foundational role.”

Gareth Tolerton, Chief Product Officer at Totalmobile emphasises, “Data protection is a global compliance requirement, it’s not only about GDPR. 

“Organisations working around the world need to be aware of the latest requirements in every country and ensure that their systems and processes meet these needs. To do so, there are a few top tips to follow. Ensure that you have specific policies in place around the handling, storage, access, visibility and transmission of personal data so that staff know exactly when and how they can interact with this. In the same vein, training is vital. Initial GDPR training would have occurred almost three years ago, so regular refreshers are key to keeping teams secure. And finally, organisations that can appoint a dedicated Data Protection Officer will be able to give their full attention to internal compliance strategies and processes, adding that extra layer of protection.”

“We’re currently waiting for a big post-Brexit announcement concerning data protection from the EU to grant the UK Adequacy, allowing data flow across the EU to continue,” says Vicky Withey, Head of Compliance at Node4.While we have no crystal ball to help us predict the future decision making of the EU, we can certainly prepare for the possible outcome. 

“Supplier Due Diligence ensures that data providers can secure the data they are being trusted with is a current theme we see at Node4. Compliance standards such as ISO 27001 and PCI are a must for those who want to ensure a level of control for processing, storing and transferring data securely.

“Future changes to GDPR I foresee will be a greater awareness from consumers to know and understand their rights concerning their personal information. Organisations will be forced to make ethical decisions on how personal data is collected, processed, stored and shared to ensure that they are not in breach abusing an individual’s rights. Consequently, boardrooms will be expected to report and monitor privacy breaches and support compliance to embed data protection within the organisation.”



“Selecting a technology partner that can help make this as easy as possible – likely by keeping customer data securely in the cloud – is crucial.”

Animesh Chowdhury, founder and CTO at GoodTill


Learning to protect the masses of data

Animesh Chowdhury, founder and CTO at GoodTill explains how organisations in the hospitality sector, such as restaurants, have had to turn to new technologies to allow online purchasing to stay afloat during the pandemic.

“Managing this data can be a tough job for organisations not already familiar with protecting this kind of information, so selecting a technology partner that can help make this as easy as possible – likely by keeping customer data securely in the cloud – is crucial. Data Protection Day should act as a reminder to businesses that while keeping operational throughout the pandemic is important, customers are trusting you to protect their information with every transaction. 

“Data protection and compliance is a key part of long term customer loyalty. It can be complicated, but by leveraging the right technology, business owners can rest assured their data is safe and instead focus on offering the very best experience for their customers during this trying time and beyond.” 

With many organisations carrying out full or hybrid remote working for its employees, organisations have an increased reliance on the cloud and a distributed enterprise. Surya Varanasi, CTO at Nexsan, a StorCentric company discusses how this increases new challenges for the company, to protect data from cybercriminals:

“To fight the mounting threats and protect their data, organisations must combine known best practices with modern technology. Once those are in place, incorporating unbreakable backup solutions will serve as a last line of defence, allowing organisations the ability to recover, maintain uninterrupted operations and avoid paying ransoms should they be attacked. This way, sensitive information is kept safe and business continuity remains intact.”


data protection day

Putting the right security practices in place

“There are few organisations that don’t understand the importance of data protection – but when it comes to fighting the tsunami of security alerts thrown at them every day, many security and IT departments are simply overwhelmed. In 2020 alone there were some 18,000 new vulnerabilities published. For overstretched and often under-resourced teams, it’s often a case of too much, too fast, no time,” explains Stephen Roostan, VP EMEA at Kenna Security

“However, all is not lost. What’s needed is context. For example, of the 18,000 vulnerabilities published last year, less than 500 had exploits out in the wild. And not all vulnerabilities carry the same risk. A vulnerability that carries risk to one organisation could be harmless for another. The impact for every company is akin to a person’s DNA. It’s totally unique.



Read More: How will 2021 look in the world of data storage?



“The answer is to determine what risk tolerance your organisation is prepared to accept and empower IT teams to prioritise fixing the vulnerabilities that pose the most serious risk to their IT environment. It’s impossible to fix every vulnerability – that’d be similar to boiling the ocean. The trick is to use data science and predictive modelling to understand where to focus your efforts. Accuracy and speed are paramount. Pinpointing the highest priority vulnerabilities and tackling those first will minimise the risk of cybercriminals compromising sensitive and confidential data.”

“When it comes to the methods cybercriminals employ, phishing emails – malicious emails containing links or documents laden with malware – continue to be a prominent threat,” identifies Thomas Cartlidge, Head of Threat Intelligence at Six Degrees. “Cybercriminals design them to evade both technical and human defences, and organisations should expect phishing to remain one of the main threat vectors that hackers use to deliver both ransomware and business email compromise (BEC) attacks in 2021.

“In order to protect their data, all organisations need to know how to best defend against phishing emails. But how can you adapt? Well, point solutions are all well and good but ‘defence in depth’ can only be achieved by understanding your security posture, aligning it to your risk appetite, continually assessing it for suitability, and equipping your staff with the latest information on threats to create a phishing-savvy workforce. Get it right, and you will significantly reduce the financial, operational and reputational risks you face.”


Educating employees

To conclude, Agata Nowakowska, AVP EMEA at Skillsoft explains that with many employees working remotely, cybersecurity awareness training is essential to protect critical and sensitive data.

“According to Cisco’s Benchmark Report 2020, more than half (52%) of organisations are finding it very or extremely difficult to defend mobile devices. With IT security teams already stretched thin, it’s crucial that organisations prioritise education, training and awareness around the specific security risks related to remote working. Online or virtual-led training is an extremely effective method of training employees who are working remotely and will continue to be a key tool in the new world of work we are now in. Data Protection Day holds more weight now than ever before – learning & development teams should draw on this as they drive awareness within their organisations.”



Data Protection Day serves as an important reminder to companies to ensure security is a top priority! 


Bekki Barnes

With 5 years’ experience in marketing, Bekki has knowledge in both B2B and B2C marketing. Bekki has worked with a wide range of brands, including local and national organisations.

Choose an AI solution to transform beyond technology

Kit Cox • 09th December 2024

The first step is knowing exactly what your business wants to achieve with AI; think faster, smarter and more efficient. Once you know what you are working towards, you can start looking for a solution that can help you make it a reality. AI integration can feel like a daunting task at the beginning, so...

A Roadmap to Security and Privacy Compliance

John Lynch Director of Kiteworks • 04th December 2024

Only by understanding the current regulatory environment and implementing robust data protection measures, can organisations enhance their security posture, ensure compliance, and build resilience against the latest cyber threats. This article provides a comprehensive roadmap of how to do it.

Data-Sharing Done Right: Finding the Best Business Approach

Bart Koek • 20th November 2024

To ensure data is not only available, but also accessible to those that need it, businesses recognise that it is vital to focus on collecting, sorting and governing all the data in their organisation. But what happens when data also needs to be accessed and shared across the business? That is where organisations discover a...

Nova: The Ultimate AI-Powered Martech Solution for Boosting Sales, Marketing...

Erin Lanahan • 19th November 2024

Discover how Nova, the AI-powered engine behind Launched, revolutionises Martech by automating sales and marketing tasks, enhancing personalisation, and delivering unmatched ROI. With advanced intent data integration, revenue attribution, and real-time insights, Nova empowers businesses to scale, streamline operations, and outperform competitors like 6Sense and 11x.ai. Experience the future of Martech with Nova’s transformative AI...

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...