The general data protection law (GDPR) change the way of companies handle sensitive internal and customer data, directly impacting those who deal directly with the customers, like call centers and contact centers.
Effective since September 2020, the new law is about an extension adapted to the Brazilian reality of GDPR, General data protection regulation, effective in Europe since may 2018. Your main objective is to allow the consumer to choose which personal data a company may or may not be aware of.
However, despite data security being the main concern of executives, just a few train their employees to be aware of the standards required by GDPR.
Information security: Only 6% of the companies have dedicated professionals.
The last quarter of 2020 registered 850 thousand attempts of cyberthreat. The data are from a Fortinet report, released by the portal Canaltech.
The big amount of registers can be explain due to the increase of the home office during the pandemic of Coronavirus (COVID-19), where Cyber criminals took advantage of the crisis to leave victims.
Another research, done by Flipside in partnership with the Eskive, concluded that 66% of the companies dedicated between 1% and 25% of the time of your information security team in awareness programs and only 6% have a dedicated professional.
By the name “5º Eskive national research on information security awareness”, the study interviewed 300 security professionals of the main Brazilian companies.
It is clear that despite the bigger awareness of the importance of GDPR, just a few companies strive for their agents to be able to manipulate sensitives data in a safe way.
Human factor is the main vulnerability to attack sensitive data
The research about information security awareness has revealed an embryonic scenario when it comes to the cares with sensitive data inside the companies.
Since care with data storage is little encouraged, the human factor becomes the main vulnerability of the companies, leaving then liable to millionaire fines from GDPR. According to one study from IBM Security, a violation costs, in the global media, US $ 3.8 million to the companies and compromised employee account are the most expensive cause.
According to experts, the human factor plays a significant role in protecting business, the image and the strategy from a company. Despite the leaderships show themselves presents to their employees even in the distance work model, they are expected to be more aware of the prioritization of investments in training on the handling of sensitive information.
When asked what the aspect is more important for a awareness program inside the companies, the support and sponsorship from high management was the answer most cited by the executives interviewed.
The “5º Eskive national research on information security awareness” has also showed an 11% increase in support from high management in this type of initiative, making it clear that the user’s role in protecting information entered the executive’s agenda in 2020.
GDPR: Minimize risks, demands and security as the strategy of the business motivated companies to invest in awareness programs.
According to the study made by Skive in partnership with Flipside, minimize risks of incidents, requirements of GDPR and have security as a business strategy are the main causes that lead companies to invest in awareness programs.
Between the threats to the information’s security that the interviewees considered most relevant related to consumer behavior are: the increase of phishing attacks (9%), bigger concern about the inappropriate use of professional email (16%), use of workgroups in instant messages app’s (4%), visits to malicious websites (11%) and inappropriate sharing on social networks (3%).
These fears gain even more emphasis in the current context, where personal and professional environments mix during remote work.
Only 29% of companies train their employees to work with conformity to the GDPR, according study:
Informing users about privacy from GDPR is the second reason why companies invest in awareness programs, according to the study. Compared to 2019, this interaction increased by 6% last year.
However, only 29% of companies have a awareness program dedicated to develop a conscious culture about the importance of personal data and training your users of how work with conformity to the LGDP. Almost half (46%) of companies affirmed have made some punctual awareness action.
According to the report, in the last six years has accouraged an increase of more than 10% in the number of companies that start to invest in awareness programs. Between the years of 2016 and 2019, about 33% of the companies didn’t have any kind of investment in actions like that, compared to 22% in 2020.
With the greater maturity of awareness programs inside the companies, the most significant result was companies that didn´t have any type of awareness or carried out only specific actions, decreasing an average of 27%. There was a 21% increase in companies that performed periodic actions inside of an awareness program. The number of companies that had periodic actions with defined processes, registered an increase of 7%.
The increasing number of attacks, the pandemic scenario, the increase of regulatory demands, the beginning of GDPR and the customers’ expectations regarding the level of data protection require organizations to have employees even more prepared with skills that drive excellence in privacy and cybersecurity. This way, it is essential that companies invest both in awareness programs and in cybersecurity and sensitive data monitoring solutions.
In the opinion of 72% of customers, companies are not fully prepared to comply with GDPR demands
Although almost two thirds (61%) of Brazilians are not familiar with GDPR yet, most believe that the application of the new rules will be complicated for companies, according to Capterra research, released by the CIO portal.
According to the research, 72% of respondents believe that companies are not prepared to assure the privacy of their data according to the law. This data can be explained due to the fact that only 29% claimed to have been contacted by companies to treat topics related to their personal data.
Is evident, therefore, that despite more conscious, both companies and consumers are still unaware of the standards required by the new Law.
Therefore, once again, makes essential to invest in training and awareness about the topic, as well as the implementation of data security solutions in customer service.
Data protection is essential for companies adapted themselves to the “new normal”.
Being in accordance with GDPR is essential to companies adapted to the “new normal” of customer service.
According to experts, compliance with the new law allows organizations to be more competitive and ready for new challenges.
Besides that, conform with GDPR is a way to offer a service with maximum security and excellence, once the attendants would know the best way to handle sensitive data of customers.
DNK offers customer service solutions aligned with the new GDPR
DNK offers omnichannel solutions to Call Center and Contact center, being specialized in the development of high performance products, solutions and services for companies in the area.
The use of last generation technology combined with a team of experienced professionals, leads DNK to constantly innovate to transform the experience of customers and partners with their consumers.
DNK values excellence in service customer providing their partners tools and platforms with innovative and customizable functions.
With DNK’s services and products, the customer service is provide through a integrated omnichannel platform, which connects all service channels (whatsapp, voice, web, chat and others) with fast recovery of clients information and data, in order to offer a complete and satisfactory management of the client journey with differentiated results.
The company is recognized by the market and awarded for solutions and successful cases. Champion of the “Best self-service Solution” category in the XXI Modern Consumer Award and winner of the silver trophy in Client SA 2020 Award in the category “Leader in Innovation Strategy”, in partnership with a client, DNK understands that a well attended customer is the secret for the successful of the attendance.
Knowing the importance of offering integrated and complete solutions with maximum protection of personal data to conform with the new GDPR, DNK constantly innovates through the union with strategic partners, like CS Global IT and MyCena.
Besides that, to talk about how companies and people can protect themselves from the leakage of personal data, DNK will promote on February 25 the live webinar “Data Leakage: how companies and people can protect themselves and minimize risks?”
During the occasion, the Dr. Luiz Augusto D’Urso, a lawyer specialized in Cybercrimes and Digital Law, and Felipe Salgado, DNK’s engineering director, will share their experiences on the subject and presents DNK’s new solution, which allows monitoring the manipulation of sensitive data.