Why Australian businesses must step up data and IoT security

By Wavelink
The need to comply with data breach legislation means Australian companies must be aware of their obligations and must ensure their own networks are fully compliant, along with the devices and applications of contractors, third parties, and guests that plug into the network.

Internet of Things (IoT) devices pose a particular risk and must be explicitly secured.

Eligible Australian businesses must now report notifiable data breaches (NDB) to the Office of the Australian Information Commissioner (OAIC). The OAIC’s first published quarterly report found 63 breach notifications were received in the first six weeks alone.

With the introduction of Europe’s General Data Protection Regulation (GDPR) in May and other countries, including New Zealand, expected to introduce similar legislation, organisations need to comply with more regulations than ever.

For example, GDPR affects companies in any country that do business with customers in Europe, which means many Australian companies could be subject to the legislation and some might not even know it.

Hugo Hutchinson, Wavelink’s national business development manager for Fortinet, said: “Businesses can no longer remain stagnant and fail to act on security and compliance. Organisations of all sizes must ensure they’re in line with the new legislation changes and perform due diligence to ensure their networks are protected. Security breaches affect a company’s reputation and may result in significant consequences, with the cost and ramifications following a security breach potentially far more than the cost of initial investment in adequate protection measures.

“Organisations must also realise the value of the data they possess. Contractors, third parties, and guests plugging into the company’s Wi-Fi network must be limited to accessing only the data they require. Everyone, including third parties, must comply with company security policies and practices.”

The Internet of Things (IoT), which includes wearable technology, voice-activated devices, and smart appliances, presents organisations with an additional level of concern. These devices don’t tend to come with built-in security and can present a backdoor for cybercriminals to access company networks, either to take over the device itself or as part of a larger attack.

Hutchinson added: “Schools and hospitals are subject to NDB requirements and they tend to be prolific users of IoT devices, as well as having hundreds of users, including guests, accessing their networks. These organisations must operate an appropriate security and compliance system, otherwise they may be held liable for any breaches that may occur.”
