Industry & Business

Irish companies exposing themselves to huge GDPR fines

 Breaking News
  • Grand Canal Innovation District Planned For Dublin A far-reaching plan for the creation of the Grand Canal Innovation District in Dublin has been launched. The proposal from Trinity College Dublin is modelled on innovation districts in cities such as Boston, Toronto, Rotterdam and Barcelona. It will significantly strengthen Ireland’s competitive advantage when developing new indigenous companies or competing for foreign direct investment. [...]...
  • Heiton Buckley Unveils Newly Refurbished Mayo Branch Heiton Buckley, Ireland’s leading supplier of doors, floors, bathrooms, garden, plumbing and heating products, has officially unveiled its newly refurbished branch in Castlebar, County Mayo . GAA star, Andy Moran, CEO of Grafton Merchanting ROI, Patrick Atkinson, Heiton Buckley Castlebar Branch Manager, Mick Kane, and longtime customer Mick Duane officially cut the ribbon and kicked [...]...
  • Export Sales by Enterprise Ireland Client Companies Hit New Record Enterprise Ireland, the state agency responsible for helping Irish companies export to international markets, has announced that its clients recorded export sales of €22.71 billion in 2017, representing a 7 per cent increase on 2016. This is the highest level of export sales recorded in the history of the agency and the eighth-consecutive year of [...]...
  • BAM Wins €25 Million Contract to Build New Cheese Factory in Cork TINE Ireland, a subsidiary of the Norwegian dairy co-operative TINE, has awarded the construction of a new Jarlsberg® cheese production facility and administration building at Mogeely, County Cork, to BAM Ireland. The contract value is more than €25 million. TINE is Norway’s largest producer, distributor and exporter of dairy products with 11,400 members (owners) and [...]...
  • HBAN Scoops Major European Business Angel Network Award HBAN (Halo Business Angel Network), the all-island organisation responsible for the promotion of business angel investment, and a joint initiative of Enterprise Ireland and InterTradeIreland, was crowned Globally Networked Organisation 2018 at the recent EBAN (European Business Angel Network) Awards Ceremony held in Sofia, Bulgaria. HBAN was awarded the prominent European accolade in recognition of the significant [...]...

Irish companies exposing themselves to huge GDPR fines

Irish companies exposing themselves to huge GDPR fines
July 24
09:00 2017

AMI, one of Ireland’s leading secure IT retirement company, has revealed the results of a survey of senior IT decision-makers in Ireland, which found that almost one-third (32%) of organisations that use third-party IT retirement companies may be exposed to huge fines under the impending General Data Protection Regulation (GDPR) legislation. The companies admitted that they do not receive formal confirmation from their providers that their data has been completely erased.

The survey reveals that many Irish companies have overlooked the risk posed by failing to properly dispose of end-of-life IT assets. Some 47% of those surveyed stated that they manage data-destruction themselves and wipe or physically destroy data on site. As well as this, a quarter of respondents said that end-of-life IT assets remain on their premises for more than one year, highlighting that many organisations do not have established processes in place for managing the disposal of old IT equipment.

Despite these practices, the majority of organisations accept that the consequences of data theft from a retired device would be very grave, with 77% of those surveyed stating that it would have a serious effect on their company. Of those companies, 8% believe that their company would be forced to cease trading as a result.

Of those organisations that do have established processes for handling end-of-life assets, just over half (52%) send retired assets to a third-party specialist. A further 43% donate the equipment to employees, schools or charities.

For this reason, it’s clear why 71% of respondents say that security of data disposal is their most important consideration when it comes to choosing a means of disposal for data-bearing devices.

GDPR will introduce more stringent guidelines around where data flows and how it is processed. In the event of a data breach or compromise, companies who are unable to account for the whereabouts of their data could face fines of up to 4% of global turnover or €20 million, depending on which is greater. This will require companies to closely review supplier processes and policies to safeguard their interests. However, according to the survey results, 39% of those who work with a third-party IT retirement provider never audit the provider’s security processes.

The survey also found that despite the significant value of old IT equipment, 70% of businesses say that they don’t recover any value when retiring old assets. More than half of these (37%) would consider it in the future.

Philip McMichael, managing director, AMI, said: “It is extremely clear from the results of this survey that Irish organisations are leaving themselves vulnerable at the end-of-life stage by failing to securely manage the retirement of their old IT assets. Companies need to establish processes for disposing of this equipment and dramatically reduce the amount of time that it spends in storage, as this increases the risk of data going missing. It also devalues the equipment, so it’s in companies’ own interest to manage this process effectively.

It’s interesting to see that so many companies claim to manage and carry out data destruction themselves as this is a specialist security process that requires advanced tools to ensure that data-bearing equipment is erased to the most stringent global standards. Unless companies have trained specialists in place using the correct software and carrying out data erasures, they should reassess their ability to carry out this process themselves and align themselves with a specialist IT retirement provider.

Those that do work with IT retirement companies need to ensure that they receive formal confirmation that their data has been destroyed, as organisations that are happy to hand over data-bearing devices without a certification process in place are putting themselves at real risk of a data breach.

Companies that work with an IT retirement specialist can benefit from the creation of a new revenue stream that can be used for a variety of purposes, such as upgrading IT equipment or even charitable donation. However, the primary focus for Irish organisations now has to be plugging the security gap stemming from current and past failings to securely tackle IT retirement.”

About Author

editor

editor

Related Articles

New Subscriber





Subscribe Here



Advertisements



















National Manufacturing Conference & Exhibition 2018

NIBRT Springboard Success Stories



Upcoming Events

  • No upcoming events
AEC v1.0.4