Companies must inform the regulators within 72 hours of a data breach.
As part of the legislation, organisations are instructed to build ‘security by design’ into their products. Protecting user data needs to be considered at the start of a project.
Organisations know that they must act quickly to ensure compliance with the new legislation or risk vast fines, but they face a number of challenges:
It’s clear that encryption is the best way to protect user data, so that even if an organisation’s servers are compromised and data stolen, this information will be of no use to an attacker.
However, for a lot organisations, security is not their main business. they don’t have the expertise in-house to adequately secure data and in many cases don’t have the resources to hire teams of developers to do it for them.
Encryption is difficult to implement, but now to comply with GDPR rules, it is essential.
Many users store and access their data from apps on mobile devices, securing these devices represents an additional challenge. App developers need an easy to encrypt user data.”