The SingHealth data breach in July has put the spotlight on sophisticated cyberattacks and the urgent need for companies to protect their data.
For small and medium-sized enterprises (SMEs), the developments have been watched keenly and with a fair amount of trepidation as well.
Many successful SMEs have digitalised their operations to reduce operating costs and also reach out to a global marketplace. As a result, they have to figure out how to ensure that their network is not compromised by hackers, leading to business loss and reputational damage.
According to PK Gupta, global presales lead of data protection at Dell EMC, the amount of data that is being generated globally is doubling every two years.
“As we progress into becoming a paperless society, data has become the lifeline for organisations. When dealing with data, we need to figure out how to store, process, access, archive and protect it,” he added.
The biggest challenge for SMEs, he pointed out, is that their IT environments are more complex than they were two years back. Today, there is more data, accompanied by more end-point devices and a need for both private and public cloud platforms. Plus, fewer geo-restrictions now enable more users to use applications from around the world.
Gupta said that data regulations and compliance are coming to the forefront globally, enabling governance to play a major role in the protection of this important data.
As data is being democratised, he noted, data privacy issues are becoming a huge consideration for many, especially with data breaches and ransomware attacks happening regularly.
What can SMEs do? Here are some considerations, according to Dell EMC:
1. Understand and evaluate the value of your data
Data, such as identity card numbers, carry a bigger value than, for example, the demographic breakdown of your customers. Understanding this will help in assessing which type of data is more likely to be targeted by hackers.
2. Comply with data regulation
There are different data regulations, like the European Union’s General Data Protection Regulation (GDPR) and Singapore’s Personal Data Protection Act (PDPA) that affect SMEs. Depending on what the value of the data is and where the data is being hosted, SMEs must understand the regulations that they need to abide by.
3. Understand the severity of cyber threats
Most SMEs are not fully aware of the impact data breaches can have on them. Given the regularity of breaches these days, it is only a matter of time before a company’s data is targeted by malicious actors. Understanding the risk and cost involved in such instances is an important step that SMEs should take.
4. Balance cost, productivity and effectiveness
SMEs have limited manpower and capital at their disposal, making it a challenge for them to find the right solution that is low cost, does not impede productivity by slowing processes down and is able to secure the data effectively. Without a contingent of IT experts in the company, they have to rely on a trusted technology partner.
Regardless of size, organisations are looking for the same characteristics in data protection as they move towards digital and IT transformation. That is, always switched on, connected, fast and well protected, according to Gupta.
Customers are also pressuring companies to make use of more data to offer a better service, no matter the size of the organisation, he said, adding that massive amounts of data has been routed across the globe to achieve this.
“This has elevated data security as one of the top concerns for all organisations out there,” he noted.
CLARIFICATION at 9:52am, 27/09/2018: The designation for PK Gupta was incorrectly stated in an earlier version of the article due to incorrect information supplied to Techgoondu. This has been corrected in the current version.