Is the government’s new data breach bill going to give your business a bad reputation?

15 May 17

No one likes admitting when they’ve made a mistake. Especially if it’s a big one, like a leak that exposes customers’ private and personal information. But that’s just what businesses will have to do with the Government’s Breach Notification Bill passing through parliament earlier this year. The bill requires businesses to notify the Privacy Commissioner and affected customers as soon as they become aware of a ‘notifiable breach’ in data.

In many personal scenarios, admitting you’ve made a mistake results in a warm hug and a chat about how you can do things better next time. Unfortunately, the corporate world is a little less forgiving and can result in fines, loss of revenue and severe reputational damage.

Late last year the Red Cross landed headlines like ‘Red Cross data breach could have exposed donors to identity theft’ and ‘Phishers go after Red Cross data breach victims’ when it compromised 550,000 blood donors’ private details online. These headlines are forever immortalised online, and with more businesses required to fess up and face the music, we can only expect to read more.

It has never been more important for businesses to make sure their data and their customers’ data is fiercely protected. While most businesses make sure they have effective security infrastructure, it’s important not to cut corners in other areas, such as software.

Last year in Australia, the number of reported cases of unlicensed software operating in businesses steadily grew 105% year-on-year. And before you shrug your shoulders wondering what harm a little bootleg program could have on data being breached, an IDC Study found there is a connection between unlicensed software and cybercrime.

Many businesses don’t realise that having properly licensed software provides additional benefits alongside compliance:

Software comes with its own encryption, providing an extra level of security to your business data. As computers continue to increase in processing power, encryption is required to be ever evolving.

The current encryption of 128-bit AES would take today’s computers 10.79 quintillion years to crack; however, with quantum computing this would take less than six months. Software producers continually update and build encryption into their products, ensuring their customers’ data is future-proofed.

Software constantly needs to be patched and to notify you of urgent security updates. While patching is one of the last things on a business’s mind, it is one of the most important.

A recent report, Flexera Software’s 2016 software vulnerabilities, found there were 17,147 vulnerabilities across 2,136 products, of which 81% had patching available on the day of discovery. Unlicensed software doesn’t have automatic patching or built-in alerts, leaving users vulnerable to known flaws.

Licensed software also saves businesses time and money. Similar to patching, unlicensed software doesn’t provide users with the best and latest features, forcing the businesses to uninstall and reinstall the program every time they want to upgrade. Properly licensed software can quickly upgrade while the system is offline, saving the user time and the business money.

What this all means is that unlicensed programs could be the reason why you have to explain to your customers why their personal information has been stolen. It has become even more imperative that businesses ensure they are using licensed software.

Check that your software has a certificate of authenticity and invest in an effective Software Asset Management (SAM) tool to make sure all the moving parts of your business are safe and secure. That way, you can avoid damaging headlines that drag your business’s reputation through the mud.

Article by Gary Gan, Director of APAC Compliance at BSA.
