January 28th is Data Protection Day in Europe, aka Data Privacy Day in the USA. This international event commemorates the same date in 1981, when the Council of Europe’s data protection convention, known as ‘Convention 108’, was signed. Whilst many campaigns are run throughout the year on educating consumers and businesses on data issues (e.g. Stop. Think. Connect), Data Protection Day was designed to encourage events and awareness schemes on an issue that has never been more relevant.

Why do we need Data Protection Day?

A story that grabbed my attention recently was that of a group of girl scouts in America earning badges in cybersecurity. While the badge’s primary aim is to prevent gender stereotypes in technical careers, it also puts a spotlight on children as young as five concerning themselves with protecting data online. It’s smart preparation for a world where data is already practically currency. For my generation and older we’ll have to figure this out for ourselves, which is why Data Protection Day is around – to educate us on our rights and the risks associated with using online services.

And it pays to prepare. Fears over data protection are not unfounded. If you haven’t heard of Collection #1 yet, you’ll want to check if your data has been part of this latest breach at haveibeenpwned.com ASAP. Creator of the site and information security journalist, Troy Hunt, uncovered a whopping 773 million record data breach, prompting his advice to consumers to take basic steps to improve their data protection online.

I’ve taken note as a consumer, what about my business?

Data protection is not only a legal issue for businesses, it’s a make-or-break deciding factor for customers in whether to use your services at all. With breach scandals in the news and the success of campaigns such as Data Protection Day, we’re all (hopefully) becoming ever savvier on data protection issues. So trust in your company’s ability to prevent security violations is key to them signing up in the first place.

How can you create trust? Make sure you’re being transparent about your data protection practices – including why you’re asking for specific details – and keep reviewing privacy practices to stay one step ahead of hackers.

What happens if the unthinkable happens? Take British Airways, for example. They announced back in September 2018 that around 380,000 card payments to BA had been compromised. The consequences showed the parent company (IAG)’s shares falling over 4% after the announcement; consumer ‘impression score’ plummeting; and speculation on GDPR fines in the region of £500-800 million.

Such data breaches are in the news every day, so they are sure to be a much-discussed topic on Data Protection Day again this year.

How can I avoid a data breach?

Identity and access management (IAM) is the key to keeping your data safe. IAM relates to verifying the authenticity of a person’s identity so that the person may be granted access to online systems and services – both in terms of your internal employees and external customers/partners.

Act quickly to avoid the irreparable damage of a data breach in your organisation. Effective IAM can be deployed quickly and easily with Identity-as-a-Service (IDaaS – aka SaaS-delivered IAM). For more information on IDaaS and how it helps businesses take control of their data, go here – ubisecure.com/idaas.

For more expert insights into why Data Privacy Day (aka Data Protection Day) is important now, and what to do about it, check out this article by Security Briefing – totalsecuritysummit.co.uk/data-privacy-day-security-industry-highlights-key-issues.

Let me know if you have any questions/comments below and don’t forget to get involved with Data Protection Day this year!