This year has been filled with data privacy and protection concerns. From the introduction of the General Data Protection Regulation (GDPR) and the exposure of data breaches at Cambridge Analytica, Facebook and Under Armour, to new legislation springing up in the US, including New York’s Stop Hacks and Improve Electronic Data Security Act (SHIELD) and the California Consumer Privacy Act (CCPA). Stories about the value of data – and the risks associated with it – are everywhere. As data professionals, the pressure is there to achieve a balance between compliance and the need to deliver faster than ever.
Compliance is more than cybersecurity: it involves a shift in the way business is done. One common misconception is that threats to data are purely external, yet insider error or breaches account for a large proportion of data exposure. So simply implementing antivirus or antimalware isn’t enough. Procedures must be put in place where the data lives – at the database level. Unfortunately, these same measures can also cause bottlenecks at release time.
To best reap the rewards of data, without impacting performance, it’s crucial to understand what is required of you as an employee and as a business in terms of regulatory demands.
The first step is getting wise on your respective legislation – being familiar with data laws is no longer restricted to the lawyers. The second step is to revisit your own systems to identify gaps in security, highlight weak points and possible risk factors and ensure they are fully compliant. And finally, do your research. Reach out to the community, see how others are handling the issue and turn to industry experts.
Microsoft MVP Grant Fritchey recently wrote a free to download whitepaper for Redgate Software. While he discusses US legislation in this whitepaper, it provides best practices for the data professional, with insight and guidance into how to approach data compliance, regardless of the legislation. If you want to find out how compliant you really are with data protection regulations, it could be a good place to start.
Check out the whitepaper.
Reference: Pinal Dave (https://blog.sqlauthority.com)