Are you aware of the GDPR General Data Protection Regulation?

The General Data Protection Regulation (GDPR) significantly changes data protection law in Europe, strengthening the rights of individuals and increasing the obligations on organisations.

Get aware and Get prepared.

Here are some short videos explaining what your organisation needs to do to achieve compliance.

 

Between now and May 2018, we will be sending more updates to our clients on this very important regulation. 

Further information is given below.

Please contact us in the meantime,  if you need further information.


The GDPR is upon us! Well, almost…

If your organization serves customers or individuals in the European Union, you’re likely already aware of the General Data Protection Regulation (GDPR). Introduced in response to concerns about data privacy, the GDPR will go into effect on May 25, 2018, requiring responsibility and accountability for every organization that processes the personal data of individuals in the EU. In today’s global economy, that includes the vast majority of enterprises and a large proportion of smaller businesses as well. The extensive requirements of the GDPR—and the high cost of non-compliance—make preparing for this new regulation a top priority for today’s organizations.

GDPR Basics

The first thing to understand about the GDPR is to whom it applies and what it covers. The regulation refers to both “controllers” and “processors” of data—in other words, any organization within the EU and any organization that stores, handles, or processes personal data of EU residents in any way. Personal data is defined quite broadly to include not only information provided by the individual, but also observed data such as online identifiers, browsing history or social media posts; data derived through straightforward processing such as previous transactional history; and data inferred through more complex processing. Given this, companies need to be extremely thoughtful about the handling of any data they collect.

The GDPR is all about accountability and governance. Companies must take steps to minimize the risk of breaches and uphold the protection of personal data, ensuring compliance through documented technical and organizational security measures.

Penalties

If GDPR compliance seems onerous, consider the alternative: organizations that fall short of GDPR requirements can face stiff penalties on a two-tier fine structure. A lack of compliance can bring a penalty of €10 million, or 2 percent of global revenue, whichever is greater.  Companies that violate the rights and freedoms of their data subjects—including those that fall victim to hacking and other breaches of personal data—are subject to twice that penalty. Add this to the already-considerable set of risks associated with a data breach.

Incident Response

In addition, under the GDPR, organizations will now have a 72-hour breach notification obligation. This applies to more than just the loss of personal data; any breach of security leading to the destruction, loss, alteration, unauthorized disclosure of, or access to personal data must be disclosed within the mandated time period. This requirement will cause many companies to mature rapidly their data incident response programs.

Additional Rights

Beyond new penalties, security requirements and incident response obligations, the GDPR extends additional rights to individuals in the EU, including the right to be informed about the use of their personal data, the right to have access, to erase and transfer their personal data.

Trust

At its core, the GDPR is about TRUST. It is about companies handling the personal data of their customers, partners and employees with care and respect. As a supplier of IT systems and services that helps Irish businesses, GDK's relationship with its customers is built on trust. GDK views GDPR as an opportunity to reinforce that relationship, and GDK is relentlessly focused on helping our customers secure all of their data, and supporting our customers’ GDPR compliance programs.

Between now and May 2018, we will be sending more updates to our clients on this very important regulation.

Please contact us in the meantime,  if you need further information.

CyberSecurity: Why your organisation needs to Get Wise to the New Threat Landscape

The CyberSecurity landscape changes every day, with new actors, new threats, new schemes, and new ways to infiltrate websites, emails, devices, and almost anything that is connected to the internet. We’re constantly reading about the rise of spear phishing, DDoS attacks, global malware threats, ransomware, CEO fraud, and more.

Despite all of the attention that CyberSecurity is receiving, there is still a widely held belief in the small- to medium-sized business or organization (SMB) that cyberattacks happen to someone else - the “Ostrich Effect”

Apparently, this is something that is prevalent in humans; it is our natural instinct to avoid unpleasant or difficult news or situations. Unfortunately, hiding from a problem doesn’t make it go away. It just continues without you, delaying the inevitable.

This is the state of CyberSecurity in the SMB market today. The threat exists. It’s real. It’s growing. It is not going away, and if we continue to bury our heads in the sand, it is going to get much worse. 

Ransomware as a Service or RaaS is a direct threat to SMBs

SMBs should be aware that Ransomware as a Service (RaaS) can be used by anyone with the desire to commit cyberextortion and this has changed the threat landscape. SMB's are now at more risk than ever before.
Consider these statistics:

  1. Cybercrime is expected to cost the world over $6 trillion USD by 2021.
  2. SMBs are under attack as cybercriminals understand SMBs have fewer resources and far less protection than larger entities.
  3. Half of all cyberattacks are against SMBs.
  4. Ostrich Effect statistics: 77% of SMBs say their companies are safe from cyberattacks, yet 83% of them have no formal cybersecurity plan.
  5. 6 out of 10 SMBs do not have a contingency plan should they undergo a cyberattack.
  6. 66% of SMBs say they are not worried about a cyberattack.
  7. Most SMBs do not have policies in place to provide procedures for employees in the case of an attack.
  8. While most small businesses feel that they have adequate protection for themselves and their customers, Visa, Inc. reports that SMBs represent over 90% of payment data breaches.  
  9. Most small businesses do not have any cybersecurity training in place for their employees, while 83% of breaches are caused by untrained employees being duped by phishing and spear phishing activities.

Being Proactive is the Way to Defend against Cyberattacks

While the news on the CyberSecurity front is daunting, SMBs with a proactive plan of protection are far less likely to suffer a breach. When considering a plan for protection, these four areas should be reviewed:

  1. Risk Assessment—it is critical to know what data is at risk, where it is, and how to protect it.
  2. Risk Remediation—have a process to remove/back up/encrypt data to bring to “clean state.”
  3. Protection—utilize advanced technologies to secure a safe environment for your business and your customers.
  4. Education—instigate employee CyberSecurity awareness training.

A proactive approach to protection is the key to being safe for most businesses and organisations, whatever their size.

Remember,
if you are connected to the Internet,
you must be protected!

If you would like us to assist, please Ring us now 01-2166 970 or click here to send us a form.

Protect Your Networks with Easy Patch Management

One of the easiest ways for hackers to breach networks is by targeting the vulnerabilities of out-of-date software. It has never been as important to ensure that all devices on your network are correctly patched with the most up to-date software updates.

That’s why keeping software current with the latest security patches
is essential for strong Cybersecurity.

GDK's Remote Monitoring & Management Software (RMM) streamlines patch management by giving you granular control over your patching policies through our Monitored Helpdesk System. Whether you want to automate the entire process, customize patches for certain devices or manually approve or deny patches, RMM gives you peace of mind while getting the job done

  • Automatically approve patches based on severity so you don’t miss a critical security update
  • Schedule updates for specific maintenance windows to avoid disrupting productivity
  • Sup port more software, including critical Microsoft programs and over 80 third party application families

Patches are provided for popular Software including, but not limited to:

  • Microsoft Office 365, Exchange, SQL Server,
  • Internet Explorer and Windows OS, Java, Adobe, Mozilla Firefox,
  • Google Chrome, Apple iTunes and Apple QuickTime.

To assist our clients we install an easy patch management strategy.

If you would like us to assist, please Ring us now 01-2166 970 or click below to send us a form.

Benefits of adding additional Memory to your Servers

Memory is what feeds processing cores, it’s one of the most effective and affordable ways to improve CPU utilisation and efficiency.
There are huge benefits of adding additional Memory(RAM) to your Servers that include:

  • It’s the fastest, easiest, most dependable way to increase Server performance
  • When CPUs are fully utilised, you will be able to use fewer Servers to accomplish more
  • Fewer Servers keeps power, cooling, and software licensing costs lower
  • It’s one of the best ways to cut costs and overcome workload constraints.

Additional Memory helps overcome 5 top server workload constraints:

  1. Limited budget: More memory helps increase CPU efficiency and utilisation, which in turn decreases a server’s cost of ownership because users are getting more performance out of it and are able to use fewer servers to accomplish more.
  2. Unexpected or unpredictable workload demands: More RAM helps eliminate quality of service variance because it provides extra resources for virtualised applications to store and use active data, which lives in memory.
  3. Limited floor space: Scaling up and using less servers optimises limited floor space and cuts power, cooling and software license costs.
  4. Rapid growth in user base: Hosting more users requires more RAM to maintain quality of service levels and gain system flexibility.
  5. High power and cooling costs: More RAM helps servers use power in the most efficient manner plus using fewer servers lowers total energy costs.

The bottom line:
Improve workload performance with more Memory, not necessarily more Servers

For more information, please contact us to discuss how we can help.