Johannesburg, 22 Nov 2017
The POPI Act is yet to be fully implemented, nevertheless, it's coming soon. So, in order to be POPI-ready, organisations have to change their security mindset and take necessary steps to ensure their customer data is protected. Now, the fact of the matter is that a data breach is inevitable, but most importantly, 'are you ready for it?' is the question.
Organisations that handle customer data owe it to their customers to safeguard their identity with more robust security systems in place, and until this happens, we will continue to see regular security breaches if organisations carry on relying on outdated protection methods. If companies don't wake up to this new reality soon, the consumer revolt is predictable.
The smart way forward is to move away from the traditional strategy of focusing on breach prevention, and take the 'secure breach' approach. This means accepting that breaches happen and use best practice data protection to guarantee that data is effectively 'useless' when it falls into unauthorised hands.
Traditional security strategies such as singular focus on breach prevention like firewalls, anti-virus, threat detection and monitoring are becoming obsolete. It's time to make a paradigm shift in mentality from 'breach prevention' to 'breach acceptance'. Today, hackers are more skilful than ever before, therefore equipping your organisation with a security strategy that will help in protecting your customer data in case of a breach scenario is always a smarter modus operandi.
High-profile breaches are ongoing, and have immensely damaging consequences on organisations. POPI may not mandate any specific process to secure data, but having said that, the most robust mechanism for securing data is through encryption. Applying security controls to the data itself means ensuring the right people have access to the right data by using identity management and two-factor authentication technologies, as well as making sure the data is encrypted and encryption keys are managed properly. A crypto management platform factors in key management and provides additional trust anchors for encryption keys using hardware security modules.
How can StarLink help to mobilise?
StarLink, the region's trusted security-specialised true value-added distributor (VAD), brings to the region IT compliance and next-generation threat-driven solutions to customers to secure critical enterprise assets.
One among the best-of-breed vendors represented is Gemalto, world leader in digital security, which generates value for businesses and governments by protecting identities and data wherever they are. This is done in two interconnecting ways. By embedding secure software and objects to authenticate people and things. By running secure software on platforms to protect and encrypt data across networks.
Gemalto offers the only complete enterprise encryption portfolio that provides persistent protection of sensitive data at all critical points in its life cycle. Gemalto's data encryption and cryptographic key management products enable organisations to secure sensitive data in databases, applications, storage systems, virtualised platforms and cloud environments.
"POPI is around the corner, and it's time organisations gear up, full-on, with a forceful security strategy to become compliant. With Gemalto's Enterprise Encryption Solutions, organisations can attach security directly to their data in an easy, scalable way and protect it while in motion and at rest," said Wayne Forsman, Territory Manager, sub-Saharan Africa at StarLink.
Share