Combating the data protection challenges in Australia


Alessandro Porro, Senior Vice President, International Sales, APAC, Ipswitch

ipswitch_logoThe world doesn’t show enough appreciation for IT teams in general. The mindset which follows the department is that they are a back-end function. Their critical nature is only considered when IT issues crop up.

Today, data is king. Achieving optimal performance at work revolves around the connectivity and capabilities offered by IT devices and solutions. Australia, as one of the mature economies in Asia-Pacific with regards to IT departments, is no different with multiple industries embracing the data revolution by gathering and analyzing information generated by their customers. This has been used to generate insights to improve existing operations, discover new ways of doing business and evolution of business processes. Now, business processes are almost entirely dependent on the digital data and files transfer between applications, people or applications and people. Thus, the IT department has to understand the needs of the business and employees, and implement solutions accordingly. A lack of foresight in planning could cause problems to crop up more often, leading to dissatisfaction in the workforce as they won’t be able to perform effectively, which in turn will impact customer satisfaction.

How-MOVEit-Helps-Assure-File-Transfer-Compliance-with-Regulations-Like-H...The key issue is security. Australian companies have been increasingly targeted with more data breaches having been reported in the country than anywhere else in the APAC region in the first half of 2016, according to the Gemalto Breach Level Index. Alarmingly, data breaches can cause heavy financial and reputational damage to the organization. As per the IBM and Ponemon Institute 2016 Cost of Data Breach Study, $2.64 million is the average total cost of a data breach in Australia.

Although there are plenty of solutions in place that enable business integration, many companies still struggle with protecting data in an increasingly complex and unsafe world – especially while ensuring proper access control, audit trails and visibility.

Greater involvement of governments and regulators

Government and industry regulations recognize the need for security and place an enormous burden of responsibility on companies to comply, protect and monitor the use as well as disclosure of data. The Australian government recently passed a law which will include mandatory data breach notification and heavy penalties for non-compliance. The legislation considers a serious breach to have occurred when there is unauthorized access to, disclosure or loss of customer information held by an entity, which generates a real risk of serious harm to individuals involved.

As per the law, organizations that determine they have been breached or have lost data will need to report the incident to the Privacy Commissioner and notify affected customers as soon as they become aware of a breach. It must include a description of the data breach, the kind of information involved, and how customers should respond to the security incident. Those that fail to notify face large penalties including fines of AU$360,000 for individuals and AU$1.8 million for organizations.

While all companies deal with personal data, some industries possess more sensitive information than others. Two such industries are healthcare and banking and finance.

Health isn’t the only thing which needs to be protected

Healthcare industry is ramping up to take the advantage of its large data pool in the information age to provide better quality services to patients and transform their operations. With Electronic Health Records, which have replaced handwritten notes and filing systems, healthcare data is now available to medical professionals at the touch of a button.

Due to its valuable nature, healthcare data is being targeted by cybercriminals. It requires protection of the information in the fluid environment of the healthcare industry and constant backing up of data while being in compliance with regulations.

Protecting financial information

The banking and finance industry is one of the prime examples of the power of transformation of data. Customers have benefited from capabilities which provide them access to financial services anywhere they want. The flipside of this has been the targeting of banks and other financial institutions by hackers. In the last few years, some of the biggest names in the industry have been hit by data breaches.

In this scenario, end-to-end encrypted managed file transfer (MFT) technology can offer enormous value to enterprises within the highly regulated industries of banking and finance. Effective MFT solutions can integrate with existing company workflows and content-transfer processes, allowing IT teams to maintain control over the entire file-transfer lifecycle, and ensure appropriate corporate governance for all data. It also enables end users to transfer business files simply, efficiently and safely, thereby promoting business growth while at the same time, maintaining optimal security and meeting rules and regulations requirements.

Medibank, Australia’s largest provider of integrated health insurance, is using an automated and secure file transfer system that not only allows IT to manage, view, secure and control all file transfer activity, but also meets Australian governments and Commonwealth regulations and policies. Medibank estimates that it will achieve substantial time savings that will translate into dollar savings of over $30,000 each year, a figure that will increase as the number of files transferred grows. The company is focused on protecting the trust of its customers with their personal health information through proactive adoption of innovative technologies.

The data revolution has created a sea change in the business environment. However, as the challenges of protecting it grow, we expect increased pressure being placed on companies. Australia has already taken a massive step in the right direction with the law which includes mandatory data breach notification causing a stir amongst industries across the country. Companies will need to stay one step ahead of hackers as well as regulators to ensure smooth functioning of their business. At the same time, regulators will need to evolve their policies to maintain the delicate balance of protecting vital information while allowing businesses to function smoothly. This will require initiative on part of the senior management and significant investments in the IT department to arm them with the tools to ensure the business can leverage data and grow in the digital era.