Starting May 2018, any business offering goods and services to EU citizens will have to comply with new GDPR rules. These rules explicitly require companies to take all measures necessary to protect the integrity of consumer data that they process or store. A key principle of GDPR is “privacy by default” which requires the digital information in everything from emails and mobile apps to cloud storage systems and M2M communications to be kept private and secure at all times. Studies show that U.S. organizations are no less committed to compliance as those in the EU. One of the most powerful protection measures a company can take is to encrypt data at every stage – in use, in motion and in storage. A tried and tested way to transport sensitive personal data securely across public networks is via business-grade VPNs. VPNs provide an encrypted tunnel to communicate privately between email and mobile connections as well as internal databases and cloud storage facilities.
The threat of cybercrime against retailers is ever present. According to the 2016 Global Threat Intelligence Report, retailers are the top targets and receive up to three times the number of attacks as second placed financial institutions. Around 70% of retailers in Europe admit to being targeted while 45% of the attacks are known to have been successful. In the past 12 months, the US retail sector has also seen repeated attacks on electronic point-of-sale (POS) systems as well as consistently high volumes of phishing emails aimed at tricking insiders into giving access to corporate networks. With online takings expected to account for 21% of overall sales in 2017, cybercriminals will continue to try and profit from any vulnerabilities they can find in retail systems. To counter this, retailers have a variety of mitigation techniques available to them including VPNs. The best security remains multi-layered since no single technology can nullify all threats at all times.
The trend towards greater state surveillance has become even more obvious since Edward Snowden’s revelations. Governments frequently justify such invasions of their citizens’ privacy as counterterrorism or anti-pedophile measures. In recent weeks, two unmissable examples of state interference have been hurried through including an amendment to Rule 41 of the Federal Rules of Criminal Procedure in America and the Investigatory Powers Bill by Theresa May. Both laws permit or legalize massive invasions of privacy. Nobody is questioning the presence of a criminal threat – whatever it may be motivated by. However changes to legislation will weaken the security of many IT products which is already under heavy fire as demonstrated by current events such as the Google hack or attack on Telekom routers in Germany.
Security researchers investigating the Yahoo data breach believe that a failure to use proper encryption is one of the prime reasons behind the hack. If this is right, then many more organizations may be putting customer data at risk. A report by Gemalto and the Ponemon Institute found 92 percent of businesses encrypt just 75 percent or less of their sensitive and confidential data when it is sent via the cloud. The proportion of respondents that encrypt data stored in the cloud is even lower at 40 percent. Worryingly for customers, it is their data that is the most common form of information left unencrypted. This places customer data at considerable risk of being viewed or even harvested by hackers. A simple way of protecting cloud data on its journey from device to cloud storage is to encrypt the whole process using a VPN tunnel.
Bitcoin, the digital currency underpinned by block chain technology, is still in its infancy and users are only just beginning to scratch the surface of its full potential. Even so, things are already heating up for dealers in Bitcoin. This year, the total value of Bitcoin transactions is expected to exceed $92bn – up around 240% from under $27bn in 2015. Bitcoin transactions typically make use of aliases or nicknames to disguise user identities but this does not make them anonymous. However, the combination of a virtual private network (VPN) and Bitcoin can guarantee privacy. The encrypted connection provides a cloak of invisibility for all transactional data and provides complete anonymity for buyers if they want it. This is especially true when purchasing digital goods like software, books, reports, databases and so on.
“We the public are at one of the last points that we will have to make a difference in how normalised the culture of mass surveillance becomes.”
Following the cinema release of Oliver Stone’s latest biopic, Snowden, these words spoken by Edward Snowden himself remind us of what drove him to take controversial action in the name of privacy that made him the polarizing figure he is today.