What makes your business tick? Changes to sales volumes, the latest gadgets, or the information customers exchange with you?
Well, brace yourself: the EU General Data Protection Regulation (GDPR) will help to enforce some big commercial reprioritisations. Manny organisations are already ahead of the game, reconfiguring structures and preconceptions to embrace what many see as a powerful initiative for raising digital standards and upholding citizens’ data rights. Those treating the process as a perfunctory box-tick exercise face a decidedly less assured future.
It is easy to become mired in perceived regulatory impediments, blindly chasing compliance without heeding the bigger picture. Today’s tech-conscious consumers only want to work with the most trustworthy data handlers, and the GDPR allows them to call the shots louder and with more influence than ever before.
The GDPR is about taking ownership and showing responsibility. It elevates personal data protection as a strategic priority for organisations working with EU residents. It requires businesses to be transparent, fair and lawful. It also mandates a culture in which data privacy and security form a central part of the customer relationship.
The race for credibility
Businesses can no longer shun data transparency and accountability responsibilities when processing customer data. At every hierarchical juncture, they must be assiduous and empathetic to the trust customers place in them, as well as their duty to mitigate against an increasingly complex cybersecurity threat landscape.
Training programmes should already be in full swing, ensuring data privacy nuances are grasped and staff understands their role in keeping both their personal and customer data safe. This should be supported by substantive policies concerning data handling and customer interaction.
Sustained credibility is difficult to achieve but can ultimately serve as a launch pad for better service innovation and profit.
Mind the step-change: the GDPR’s privacy and security requirements
The GDPR is an opportunity for organisations to do better. It is a powerful prompt to forensically assess all extant data governance, collection and processing legalities, security technologies and policies. Modifications and improvements in line with the GDPR are clearly a positive step to promote notions of privacy and security by design throughout the business. Responsible data conduct is surely set to become one of the most coveted badges of corporate honour in the coming years.
While the GDPR is an evolutionary journey requiring all manner of cultural change, the key ‘must-dos’ remain the same. Organisations need to investigate the automation of technical controls and ensure they have alerts in place for attempted breaches. Remember, a breach encompasses both unauthorised access and inappropriate access, modification or loss. Meanwhile, establishing a legally compliant data inventory and governance model will help achieve the right level of protection. Wherever possible, this should include the anonymisation, pseudonymization, and encryption of data.
From a privacy perspective, data protection impact assessments (DPIAs) can help identify, assess and mitigate or miniArthur,mise privacy risks. These are particularly relevant when a new data processing system or technology is introduced. Interestingly, GDPR mandates the use of DPIAs by data controllers where there is a ‘high risk’ to a data subject. This includes the processing of sensitive data or anything systematically monitoring individuals that could result in legal or detrimental harm to the individual.
Mobile is the new branch
Standard Bank has launched an account for mobile devices that gives back 500MB of data a month
Standard Bank has introducd a R4.95p/m bank account called MyMo that customers can open on their mobile devices, loaded with data and airtime offerings and other benefits such as virtual and Gold physical card.
MyMo account holders will also enjoy the convenience of a cheque account through a Visa and Mastercard gold card. Once the account is open, users can choose to either receive R50 in airtime or 500MB of data a month, if their card is swiped more than four times a month. A further megabyte of data is loaded on the account for every R20 spent.
“MyMo is an account for everyone, whether you just landed your first job or have been around the block. With no documentation required it only takes a few minutes to open the account,” says Funeka Montjane, Chief Executive for Personal and Business Banking, South Africa, at Standard Bank Group. “For just R4.95 a month customer will be able to enjoy free swipes and ATM withdrawals at only R6.50 for amounts under R 1 000.
“Mobile is the new branch. This account is about bringing the mobile branch into customers hands, it is about convenience and security while banking.”
She says mobile offers low cost transactional banking which integrates people and businesses into the new connected economy, making mobile the new branch ecosystem that will drive and connect Africa’s growth. Physical connections to the economy are rapidly changing to digital where banks have to move from being financial institutions to service organisations.
“In the past people congregated in communities and eventually cities to maximise the advantages of connectivity. Today a simple hand-held device has the potential to open infinite doors, transforming individuals’ access to opportunities, regardless of where they are, and like never before in history.
“Historically, a bank account represented access to economic citizenship. Today, having a simple device enabling digital access to a modern banking platform is a passport to global connectivity and vast human development potential.”
The bank says it is using technology, and mobile phones in particular, to deliver low-cost transactional channels accessible to all our customers. The evolution in mobile can be seen in transaction options like cash back at the retail checkout till rather than the ATM, free digital banking rather than using a branch, and the ability to transact using digital wallets, even without a bank account.
“Developing comprehensive connected ecosystems requires a mind-set change from Africa’s banks,” says Montjane. “Banks will evolve away from traditional financial service organisations, into service ecosystems enabling broad universal access to almost everything like enhanced purchasing experiences of vehicles and homes, online procurement of goods and services and lifestyle elements like rewards and travel.
“These connectivity drivers will also act to future-proof evolving connectivity ecosystem by allowing us to offer untold future services while deriving income from as yet unrealised revenue streams,.
From a customer perspective, the kind of ecosystems of knowledge, access and, ultimately, connectivity that banks will come to provide will radically transform the share of life that almost all individuals will be able to access.”
Two-thirds of SA staff hide social media from bosses
With 90% of people in employment going online several times a day, it can be hard for most workers to keep their private and work-life separate during the working day (and beyond). The recently published Global Privacy Report from Kaspersky Lab reveals that 64% of South African consumers choose to hide social media activity from their boss. This secretive stance at work also extends to their colleagues, with 60% of South Africans also preferring not to reveal online activities to their co-workers.
Globally, the average employee spends an astonishing 13 years and two months at work during their lifetime. Interestingly though, not all this time is directly related to solving work tasks or earning a promotion: almost two thirds (64%) of consumers admit visiting non-work-related websites every day from their desk.
Not surprisingly, 35% of South African employees are against their employer knowing which websites they visit. However, more interestingly, 60% of South African are even against their colleagues knowing about their online activities. This probably means that colleagues constitute an even greater threat to future perspectives of an office slouch or maybe the relationships with colleagues are more informal and therefore, more valuable.
On the contrary, social media activity appears to be a less private domain for many and therefore, more suitable for sharing with colleagues but not the boss. This is probably because workers fear harming the public image of a company or interest in decreased staff productivity motivates companies to monitor employees’ social networks and make career changing decisions based on that. Such policies have led to 64% of South Africans saying that they don’t want to reveal their social media activities to their boss and 53% even don’t want to disclose this information to their colleagues.
A further 29% are against showing the content of their messages and emails to their employer. In addition, 3% even said that their career was irrevocably damaged as a consequence of their personal information being leaked. Thus, people are worried about how to build a favourable internal reputation and how not to destroy existing workplace relationships.
“As going online is an integral part of our life nowadays, lines continue to blur between our digital existence at work and at home. And that’s neither good nor bad. That’s how we live in the digital age. Just keep remembering that as an employee you need to be increasingly cautious of what exactly you post on social media feeds or what websites you prefer using at work. One misconceived action on the internet could have an irrevocable long-term impact on even the most ambitious worker’s ability to climb the career ladder of their choice in the future,” comments Marina Titova, Head of Consumer Product Marketing at Kaspersky Lab.
To ensure workers don’t fall prey of the internet threats at a work, there are some core guidelines to adhere to in the digital age:
- Don’t post anything that could be considered defamatory, obscene, proprietary or libellous. If in doubt, don’t post.
- Be aware that system administrators may at least, in theory, be informed about your web browsing patterns.
- Don’t harass, threaten, discriminate or disparage against any colleague, partner, competitor or customer. Neither on social networks or in messages, emails, nor by any other means.
- Don’t post photographs of other employees, customers, vendors, suppliers or company products without prior written permission.
- Start using Kaspersky Password Manager to ensure your social media and other personal accounts are not at risk of unauthorised access by someone else in an office. Install a reliable security solution such as Kaspersky Security Cloud to protect your personal devices.