How Safe Is Your Data Really?
Imagine you wake up one day and by coincidence read in the news that your favourite social network got hacked and pretty much all your personal data such as email address, password, credit card number, phone number were exposed and fully accessible to the public online or being used by somebody else. How would you feel? Or maybe it already happened to you?
Well, this happens on a daily basis to tens of thousands of people throughout the world. It then becomes sensible to question how safe is our data really with the companies we entrust them with? We can also question whether the General Data Protection Regulation in the EU for example is really that effective. In addition, what about countries where there is no data protection law or regulation in place? What kind of rights do you as consumers have and what kind of responsibility do companies have regarding all the data they are holding on our behalf? Don't we all get that feeling of helplessness mixed with anger and frustration?
Here some information about the data economies we are living in: By 2025 half of the world's data will be held in public clouds and not in local servers on premise anymore. Until then, the cloud storage industry (Amazon, Google, Microsoft and others) will ship 42 zettabyte (just to clarify: 1 zettabyte is more than a ton of data, it is 1 trillion gigabytes). As all that data is held securely, for example in the EU, under strict Data Privacy Laws and managed by specific data protection services to allow efficient cloud computing and at the same time preventing any kind of data leakage, we have to acknowledge that still some of that data ends up being hacked and leaked somewhere. In 2019 there were officially 8,5 billion data records breached, whereas if we take a closer look over all these years, the number of data breaches is more than staggering, it is almost infinite. 2020 alone, at an all-time high, has seen over 36 billion data records exposed!
But why is that? Are current ways of handling data in a secure manner not enough? Are compliance software and security solutions flawed? Why is our data still being hacked, leaked or simply exposed, sadly often in the darknet, if we have all these cybersecurity measures and data protection schemes in place?
Well, the answer is complex and in our blog we will discuss these topics with you over time.
To start off and simply put, the current ways of handling our sensitive data are still not enough to keep our data (your data!) once and for all safe and secure. The reasons are manifold: Businesses are not possessing proper data governance schemes and do not educate their employees, they are using insufficient security protocols and encryption technologies or are partnering up with companies not respecting the data which is being shared with them. Like this, unauthorised user access and leakages by accident or purpose, inside or outside of the business, are common issues. Talking about encryption in specific: Data being held securely at rest in cloud environments still needs to be decrypted in order to be worked with and the cloud provider holds the decryption key, thus being able to see the stored data. Once decrypted, the data is left vulnerable for potential theft, breach or disclosure. Most of the cloud providers use an encryption protocol to protect the data in transit in order to send it to the client or end-user, but there are these intersections in which data is left without protection (when being processed for example), which then intruders take advantage of.
These reasons are just the tip of the iceberg, data security is a vast field, difficult to understand and not much talked about in a simple to understand manner in one single medium. Our goal with this blog is to bring information to you in the most transparent way possible for you to learn more about data protection and privacy, keep yourself up to date with the most recent news and how to protect your data without having to despair amidst an abundance of tips and solutions.