The recent ANZ case (Stuff 3/3/2020) was not about a data breach, but it did follow a succession of other failings and this time the Commerce Commission has chosen to take the case to the High Court for a ruling.
The reality is that businesses, especially those in the financial services sector, need to be squeaky clean. No longer does the “old-boy network” come into play, where things are settled over a gin and tonic at the Club at days end.
There is a new world-order where excuses are no longer tolerated and the damages can be severe. That might be reputational damage, or it could be a significant fine. These are now commonplace, when businesses get it wrong.
There are now a plethora of industry “watchdogs.”
There is the Commerce Commission, the various Ombudsmen that now exist, the Insurance Council, Bankers Association, the Reserve Bank itself, along with a host of other interested parties. They all take a keen interest in the wide range of legislation that now exists to protect consumers' rights. In some cases like the European GDPR data standard, there is global reach.
We have our own NZ Privacy Act, which is currently under review and there are a range of other controls, that prescribe how businesses should secure their data and deal with the growing complexity that exists around customer communications.
- Has the right Disclosure Statement been appended? Can you prove it?
- Was the correct attachment attached?
- Are you using up to date security measures like TLS, DKIM, and DMARC to ensure your email communications get through without being altered or spoofed?
- Did the document go out at all?
- If it did get sent, did it bounce and why? Do you have an automated default process set-up?
You think that you’ve got on top of things, and even greater threats appear. Or the penalties for getting it wrong increase again!
For these reasons more and more smart businesses are choosing to work with service providers like Cumulo9, who have made the investment in the latest software and have people that can help you better understand the risks you are vulnerable to.
We can ensure that your communications don’t get blacklisted or are left somehow wallowing in limbo for days on end, resulting in non-compliance, inbound calls or late payments.
You can leave it to us to ensure that you are always protected, while your competitors deal with the consequences of a “data breach,” you can sleep at night.