Compliance with the looming GDPR enforcement is simply a matter of tweaking POPIA and general best practice models for data protection.

With Europe’s General Data Protection Regulation (GDPR), set for enforcement on the 25th May 2018, South African companies of all sizes dealing with the personal data of European residents should be focusing on their ability to comply. On top of GDPR, the South African Protection of Personal Information Act (POPIA) sets out fairly stringent guidelines for data protection.

The rapid growth of devices and associated attacks aimed at mismanaged or unpatched devices, in conjunction with unsuspecting users, is proving difficult to keep up with. J2 Software has launched a range of solutions geared to meet these challenges.

“Every day new devices are being added to the corporate environment bringing new threats and vulnerabilities in the picture. This is why we push for visibility of organisations’ entire environment and this must go beyond the corporate network in our modern, hyper-connected society,” says J2 Software MD, John Mc Loughlin.  

He emphasises that systems live in-house and in the cloud with data being accessed and managed on several devices in numerous locations. “Without visibility, you will not even know if something has been lost.

So, your security perimeter is tight, right?  Your corporate email has advanced threat protection. You have deployed an anti-virus system.  That means you are all good and it is time for you to hang up the sign: Gone Fishing and with not a care in the world.

This might be an effective approach in a world where the people using the devices never leave the office and always and only have access to information when seated safely behind your firewall. It would be great if they never searched for anything online and also never saw a web based advert or used any personal email service such as Outlook.com or Gmail. If all of the foregoing is the case - rest easy and happy fishing.

Physical security is no longer just a case of a high fence and security guards. Everything is interconnected and reliant on readily available information and visibility in order to maintain security installations.

All aspects of security are driven by information, and all of this is digital – so by not ensuring that you have the correct cyber-security programme in place all can be lost to a smart cyber-attack. Internet Protocol (IP) phones, cameras, access control are all connected to the Internet. Do you know how much of your footprint is visible to the outside world… and is it secured?

An important point to get out of the way is the ongoing mention of IT security. The name itself is incorrect; if we continue to focus on the words IT security, it means that this field sits purely within IT. This is not the case today. Cybersecurity cannot be done just by IT, it is a specialist field. You would not get an ice cream manufacturer to handle your physical security, so why ask an IT professional to manage your cybersecurity. Both could do the job, but would the outcome be desirable?