Empfohlen
Empfohlen
Weitere ähnliche Inhalte
Ähnlich wie IS/DPP for staff #2 - Why?
Ähnlich wie IS/DPP for staff #2 - Why? (20)
Mehr von Tommy Vandepitte
Mehr von Tommy Vandepitte (20)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
IS/DPP for staff #2 - Why?
- 1. - Internal - IS/DPP Baseline Training E-learning – Part 2 – Why?
- 2. 2 - Internal - Page Why are we doing this?
- 3. 3 - Internal - Page Avoid the Bad
- 4. 4 - Internal - Page Legal Sanctions
- 5. 5 - Internal - Page Litigation with Competitors or Customers
- 6. 6 - Internal - Page Competition Stealing our Ideas, Customer Data,…
- 7. 7 - Internal - Page Reputational Damage
- 8. 8 - Internal - Page Reputational Damage
- 9. 9 - Internal - Page Reputational Damage
- 10. 10 - Internal - Page Reputational Damage
- 11. 11 - Internal - Page Practical Impact
- 12. 12 - Internal - Page It Can and Does Happen To Us Email from the CIO (the day after) I am please to inform you that the virus infection we suffered yesterday is now resolved an the file servers are back online. The cause of the issue was an infected attachement in an email that appeared to be from a trusted external organisation but was actually spam. I would like to remind everyone to be aware of the threat of what can often appear to be legitimate emails. We have the latest and completely up-to-date virus checking software installed in the organisation, but the hackers are one step ahead. So it is impossible to automatically detect everything. We need you to be vigilant. If you receive anything fro external sources with attachments that you are either not expecting or appears in any way suspicious, please, shut down your pc immediately and contact the helpdesk. The impact of this particular incident was 24,000 files were encrypted on the file server and could no longer be opened. The IT team was working all night to restore the situation.
- 13. 13 - Internal - Page Practical Impact
- 14. 14 - Internal - Page Practical Impact
- 15. 15 - Internal - Page Pick up the Good
- 16. 16 - Internal - Page Trust
- 17. 17 - Internal - Page Trust
- 18. 18 - Internal - Page Information Management
- 19. 19 - Internal - Page Clean(er) Data
- 20. 20 - Internal - Page Better Customer Experience
- 21. 21 - Internal - Page More and Better Use of Data
- 22. 22 - Internal - Page Key Takeaways We avoid the bad. No sanctions. No negative financial impact. No negative reputational impact. No negative practical impact. We try to capture the good. Be trustworthy. Manage our data. Lower our cost. Support the customer experience. Be future proof. 30 sec IS/DPP survival kit WrapUp
Hinweis der Redaktion
- Welcome to the second part of the baseline training IS/DPP. Herein we look at why ABC Group cares about IS/DPP.
- Well, we try to avoid the bad, and pick up some advantages along the way.
- Let us start by looking at the downsides we want to avoid.
- Non-compliance with the legal obligations can lead to criminal or administrative sanctions like fines or the prohibition to continue processing certain data. (The initiative does not only lie with the district attorney, but also with the data protection authority and the financial supervisor.)
- The initiative for legal actions can also lie with competitors (claiming ABC Group by bending the law competes in a dishonest way) or with customers (who could claim for damages).
- A competitor may also succeed in peeking at our ideas or client list.
- Getting IS/DPP wrong can also impact ABC Group’s reputation.
- Before you had the complaining customer, who talked to his family and friends, and the media that had a big effect;
- That has changed now: a defaced website
- and an angry customer shouting out on social media have quite similar effects.
- Finally it is worth mentionning that a failed IS/DPP framework can have a practical impact.
- For example: say that the company were impacted by ransomware. A phishing email that included a virus infected attachment, was opened by an colleague. The ABC Group IT infrastructure was impacted. 24k files were encrypted by the virus. To stop the virus from spreading the servers were shut down. Staff had no access to the files on the server drives for half a day. IT had to pull an all-nighter to fix it.
- But it doesn’t have to be an attack. “Dirty data” impacts us every day. The customers’ address, email, telephone number not being correct adds to the cost of trying to contact our customers.
- And it prevents us to use the data for statistics and to improve the service.
- No need to focus entirely on the bad.
- When you get IS/DPP right, it can be a source of trust, both for our customers (especially the once that are privacy-minded, and yes, even corporations ask us for evidence of our commitment on the topic), and
- from institutions (which allows banks and insurance companies – for example - to connect to authentic government database like the Belgian national register via Identifin).
- Getting IS/DPP right also means having an overview of your information assets and the requirements we set for them and have an organisation in place to manage it. That is just as well the basis for good information management. And that… should make things easier like retrieving data, not having to collect the data multiple times, having proper backups which avoids loosing your work and having to start all over again, and so forth…
- Part of that is also paying attention to data quality. It is a good basis for proper accounting, relationship management with the suppliers and customers, our authentication procedures, etc.
- All that should allow us to give the customer a better customer experience.
- We think working on IS/DPP, will also bear fruits in the future. It should give us more options in terms of processing data within the confines of the trust we get from the individuals involved. And it should arm us for the future and make us face it with confidence, even with stronger enforcement of the law.