News Old

Data protection is a subject many people think has nothing to do with them; if so, they are wrong. Specifically, anyone who uses the internet should be aware of what data protection is, and why it is important. Unfortunately, the speed of online transactions, the number of clicks we all make to get where we want, means that most web users see data protection as a bit of a pain.

Data protection and other interruptions

When logging into an online service, or even just browsing something like a news site, we are bombarded with interruptions. Boxes pop up, literally to block the view of the desired site; this is so we have to do something to get rid of them. In most cases, we click whatever is highlighted, or even press the enter key, and away the interruption goes.

Many of these boxes are related to advertising, especially on certain types of website. However, since 2018, some of these interruptions are to do with data protection; they are asking how we want data about ourselves to be used. The issue is one of consent, as much of a pain this may be for the average internet user.

What is GDPR legislation?

Wording of the questions which appear in these pop up boxes differs; often today, by clicking the X in the corner, the text says we agree to certain terms and conditions. Quite often, the first conditions we agree to relate to data protection.

The Data Protection Act came into law in the UK in 2018. This codified what is generally referred to as GDPR; that is to say, General Data Protection Rules. Data protection had always been in place, but the 2018 enshrined EU-wide GDPR legislation on the UK’s statute books.

Before the Act, it was possible to find out what companies knew about us; but gaining access to this data required time, effort and money. Since 2018, companies have to give out this information free of charge in most cases, and have to do so within a month, rather than the previous 40 days.

Should I worry?

So, when we click the X, agree to emails or cookies, we are often saying that we’re ok with the online business gathering and holding our personal details. The fact is that, if we didn’t, we wouldn’t be able to access most of the sites we visit. That does not mean that personal data is harmful, or that it can be used for anything we don’t want it to be.

In fact, GDPR law is there to protect the consumer; while having to give consent might be slightly inconvenient, it’s actually a good thing. This is because consent can be withdrawn at any point, without incurring penalties, be they financial or otherwise. We should think of clicking our consent as a temporary measure, rather than one which ties us to lifetime agreements.

What are my rights?

As well as being revocable, GDPR legislation is empowering for the individual, as both customer and citizen. In the next article, we’ll see exactly what rights we have under GDPR and the 2018 Act.

For many decades now, accessing a private online environment has meant entering a recognised user name, corroborated by a valid password. The combination of these two items of knowledge keeps at least the opportunist snoop or fraudster out of a website or user account. Unfortunately, repeated breaches of this security continue to expose the weakness of the username + password verification method.

Doubly unfortunately, this exposure has come at the expense of the private information of millions of people, whose personal details have been available for the world to see. In one case, the head of a healthcare provider allowed their username and password to be witnessed while logging on to its “secure” system.

Vulnerable environment

Gaining access to online services requires security; this seemingly obvious fact emanates from the nature of remote system use. Basically, any user logging onto an online portal is using a computer they cannot physically see or touch.

In business terms, this is the “customer-not-present” environment; identity validation cannot be carried out by one human being looking at and talking to another. While this is very convenient in many ways (and, indeed, drives the entire web-based universe), in others, not being present is the internet’s biggest weakness.

Hackers of various hat colours use automated methods to generate both usernames and passwords; however, as the healthcare chief’s case shows, this isn’t always necessary. Human mistakes or oversights mean that the tried and trusted combination of username + password is only as secure as the person using it.

Adding layers of verification

Knowledge based access methods (which username/password is) have been gradually losing their importance over recent years. Partly this is because usernames and passwords are hard to remember; people tend to write them down, or use words easily associated with themselves.

Two extra layers of verification have come to enhance / replace this knowledge based approach; devices and personal attributes. Rather than just a keyboard, smartphones, tablets and wearables now have many other ways to interact with their user; this allows them to take selfies, or maybe even scan eyeballs and thumbprints.

In combination with private knowledge (what you know), what you have and what you are can now be used to verify your identity. A combination of all three is certainly much more secure than the username-password method.

Security and seamless user experience

Taking the time to remember and correctly enter usernames and passwords is a clunky, tedious experience for many modern online customers. The rise of technological and biometric layers to remote verification has added advantages for these users; by extracting valuable biometric details, for example, serious security checks can be started as quickly as possible.

For low-risk customers, access can be very quick indeed. However, an advantage of the newest checking methods means that even higher-risk users can be verified without them feeling like they’ve been pulled out of the queue and taken to one side.

This seamless customer experience is as vital as the need for ever-more effective security measures; the demise of username + password may well, then, be a good thing all round.

Any parent knows that more children are accessing the internet, more regularly and in more ways, and younger than ever before; this is a trend which is only likely to continue. As education and youth health providers turn to the web to offer services seen by society as positive, those which pedal less wholesome fayre are waiting to reap the rewards.

Illegal vs. Harmful

As well as being a living nightmare for most parents, the likelihood of children accidentally or deliberately accessing websites, goods and services which could harm them is something governments are starting to take seriously. What parents and governments want is some form of age verification which blocks underage users from accessing illegal or harmful sites.

Illegal is, in some ways, easier to police. The fact is that it is illegal to sell or offer a range of goods and services to anyone under a certain age; in this case, websites which do face a hefty fine, or possible closure.

Harmful, meanwhile, is less straightforward. Businesses which sell fireworks, for example, know that their products can harm children; however, those which offer certain services can at least claim a lack of evidence. Any harm done to minors from viewing unsuitable images is much harder to prove than a burn from a firework.

Interested parties

How seriously online businesses take age verification, sadly, often depends on their own self-interest. It is simply not in the interests of, say, a dating site to make every visitor verify their age; this interrupts the flow of registration, and will result in a drastically reduced conversion rate. At the end of the day, this is seen as being bad for business.

One way around this is a badge system, whereby a user looking for a date will – at least in theory – prefer someone with an age-verification badge than someone without. This level of light-touch internet policing is something that regulatory authorities like the UK’s Ofcom are looking at. The dangers of pushback by internet providers must be weighed against the likelihood of minors suffering harm at the hands of adults because of half-hearted age verification processes.

Non-anonymous age verification

Even in age restricted areas of the market, not all businesses take age verification seriously. A recent survey showed that only about half of these employed robust methods; the other half relied on anonymous verification, including self-assessment and verification by scanned documents.

A serious age verification system is one which requires the user to give up some of their anonymity. This should really involve a photograph, which in today’s world could just mean a selfie. The image of someone’s face popping up as part of an application or registration is still one of the safest means of age verification.

Although some will say that this goes against the spirit of the internet, parents and authorities such as Ofcom have more pressing concerns to worry about. In an increasingly web-reliant world, protecting minors from harm still falls to responsible adults; robust age verification is one tool to help in this ongoing struggle.

UK, 13th February 2020: Analysis of StepChange Debt Charity’s clientele has disclosed new insights regarding the financial behaviour of people making steps towards debt recovery.

A study conducted by Experian revealed that 88% are very engaged with the online world, however a significant 40%, are unlikely to be managing their finances digitally. StepChange Debt Charity has recognised the potential of the latest online tools that may facilitate individuals build financial resilience and get over their previous debt problems.

The majority of the people surveyed were found to be online enthusiasts. Mainly from lower income households, they’re active social media users and are probably high users of digital entertainment services, like gaming and video streaming websites, however a lot less likely to interact with FinTech tools – along with online banking services.

Age was identified to be the largest influencer of digital engagement. 14% of StepChange Debt Charity clientele were those with young families. Of all the groups, these were the ones who were found to be the most likely to employ the use of online banking, as well as digital cash management tools.

In comparison, around 12% of clientele were found to be older individuals and retirees. This group is the least likely to use online financial management tools and don’t have very much interest in accessing these services digitally.

Digital money-management tools are able to facilitate individuals in difficulty, to avoid wasting money and gain a framework for money management, which may facilitate them to avoid or perhaps reduce the impact a financial crisis could have.

Experian and StepChange Debt Charity will continue to work alongside each other to offer even more insights, building more understanding of ever ongoing challenges, and look upon potential solutions of how clientele can gain higher autonomy of their finances. The charity is close to launching a brand-new online hub to assist individuals with persistent credit card debt.

Although it is not claimed that online tools can solve the nation’s debt problems, they are able to assist, and there is also a potential for an array of new services which can better engage people who are financially insecure.

Seeing as most people who find themselves in debt, are in this situation because of a change in their circumstances, helping those to manage their money and also build financial resilience, means they are much more likely to be in a position where they are able to weather tougher times if and when they occur.

It would also be easy to assume that we are all using digital technology in the same way and at the same consumption rate. However, we’ve discovered that this simply isn’t the case.

FinTech tools are changing the way that many of us are managing our money. However, it is apparent from our findings that a considerable amount of individuals looking for assistance with debt issues, are reluctant to use online financial tools, this will pose interesting challenges for the debt advice society and sector at large.

To quote the well-known rhyme, “water, water all everywhere, nor any drop to drink.” I feel can also be true of data. Where organisations have a lot more data than ever before, only a few are able to take advantage of this resource and truly leverage it for insight.

There are no doubts regarding the value of data. It’s viewed as a key competitive advantage, and in some instances, a strategic asset financially.

However, translating your data into a meaningful insight may be a very different task to storing and managing it, from a regulatory perspective. we have seen a large number of businesses invest in many kinds of data initiatives, like analytics, machine learning automation, customer insight, data governance, etc. Yet, most businesses still report that they’re not sufficiently data driven.

Every year we conduct a world study of data management practices and of data usage. This year, we surveyed over a thousand practitioners regarding how they would like to leverage data. The research looked into a number of the obstacles that faced them and why only a few manage to leverage data for insight. we noticed that 3 key areas emerged.

Firstly, there’s a sizeable degree of distrust when it comes to information. The standard professional observing data doesn’t know how the data got there, what state it’s in, or even when it’s useful. Whereas the knowledge that data gives you may result in better insight and more informed decision making, a large level of distrust usually causes leaders to fall back on making their choices by gut instinct, instead of by knowledge that has been provided via the use of data. Subsequently, we’ve consistently witnessed over the past years that many believe that nearly one third of their data is not accurate.

Secondly, we are seeing the rising levels of data debt. Data debt is much like technical debt. You’ve got data assets that may not be fit for purpose, or have data that consists of a high level of inaccuracy. Unless you’re taking the time to repair that data, and govern it properly, you’ll forever have a suboptimal data operation. In turn, poor quality means that several businesses aren’t totally seeing the ROI or expected advantages in a number of the investments they’re making.

Finally, there’s a skills shortage when it comes to data. This doesn’t simply mean professionals, like data analysts, data scientists, and chief data officers (CDOs). There’s a general lack of understanding across the board around data, within the broader business. We’ve seen a growing number of businesses talking about facilitating a wider usage of data across their business and looking to do a lot more with data insight, however only a few people across organisations are actually data literate. Our survey results indicated that most businesses have reported that literacy of data has to become a core ability of staff over the next 5 years.

To generate the amount of insight required to leverage data fully, as a valuable asset, organisations will be required to tackle problems around its accuracy, trust, and of course, data skills. Unless these elements are addressed, organisations will remain surrounded by all of this useful data that will not provide the business with what it actually needs.

As a small business owner, it is always important to consider data security.
When looking at data you may store virtually, from customer’s private information, to financial records, it’s not difficult to see that a breach would quite possibly result in serious damage to your business.

One of the board members at the National Cyber Security Alliance, along with the Vulnerability Research Team’s Senior Director for cybersecurity provider Sourcefire, were consulted to find out what security measures were key for small businesses.

1. Establish strong passwords

The simplest thing to do in order to strengthen your security, is implementing strong passwords.

A simple tip for creating hard-to-crack passwords, is to use combinations of capital and lower-case letters, numbers & symbols, and to make them 8 to 12 characters long.

It is advised to avoid using your birthdate, or anything personal to you.
Use a checker to see if you have crafted a strong password, change your password at least every 90 days, and never write it down!

Another key aspect is to make sure each user has their own login credentials, never use one username and password for all.

2. Put up a strong firewall

Firewalls are an essential aspect of protecting your network, they protect your network by policing the traffic that comes in and goes out. Firewalls are a standard practice when it comes to network security.

3. Install antivirus protection

Another standard practice is anti-virus & anti-malware software, these are the last line of defence, should you be breached. It is always wise to choose an anti-virus & anti-malware software that you trust, and that’s right for you.

4. Update your programs regularly

Ensuring that your programs are regularly updated is vital in the ongoing endeavour of being fully protected. There’s not much value in installing all this fancy software, if you’re not planning to maintain it.

It’s essential to update regularly as the goalposts are constantly moving, and while no security application is 100% fool-proof, it keeps your system up-to-date with the latest protection available!

5. Secure your laptops

Laptops are at a much higher risk of being lost or stolen, this is an obvious fact due to their portable nature. Because of this, taking extra steps in order to protect your sensitive data is important.

One of the simplest things to do is: encrypt your laptop! What encryption software does is, alter the way information looks on your hard drive, so unless you have the correct password, it can’t be read.

Another simple but very effective way of protecting your laptop, is to not leave your laptop anywhere where it may be an easy target for opportunists. Preventing your laptop falling in to the wrong hands may save you, your business and your clients, a lot of unwanted aggravation.

6. Educate your employees

Prevention is definitely the best approach when it comes to the security of your data. Make sure your employees understand the importance of safety, when it comes to navigating the internet. They should understand the potential security risks they may put upon the company, if they decide to make bad decisions online.

For a great number of employers, screening the backgrounds of their potential employees is a must. Screening can be complex and challenging, especially when HR, as well as hiring managers are unsure how to stay absolutely compliant.

Currently, 60% of organisations in the UK conduct background screenings, according to the statistics provided by Sterling Talent Solutions.
This percentage is said to increase year on year as employers are becoming more aware of its importance.

Compliance appears to be the top reason employers are carrying out these checks, however, keeping up-to-date with the ever-changing regulations can be challenging. So, the question is, how can employers stay legal when it comes to the screening process?

Criminal Record Checks

Criminal record checks that are carried out by employers must be proportionate and also relevant to the employee’s position in question, it is also to be in compliance with The Police Act (1997) and the Rehabilitation of Offenders Act (ROA) (1974).

According to employment law associates, employers are allowed to ask applicants about their criminal record, however, the ROA (1974) restricts to what extent an employer is able to base their decisions using such information.

In the case of “Spent convictions” – where a crime has been committed previously, but no re-offence during a given period, employers should not request information. These applicants are treated as having clean records, unless there is an exception that applies under the ROA (1974).

Credit Checks

Credit checks are an element of screening that is used, particularly in the financial sector. Like criminal record checks, they are to be proportionate to the job at hand. For a role like a financial director, a credit check will be necessary, however a job that doesn’t require any financial responsibilities wouldn’t likely need a credit check.

It is recommended by The Information Commissioner’s Office (ICO) that credit checks are to be conducted only when a less intrusive option is not available.

Social Media Screening

With checking platforms like Facebook & Instagram, you are able to capture applicant’s activities that may be potentially incriminating. There are however legal risks and consequences if you get it wrong.

The primary issue is, if the job applicant claims that a decision to not employ them was based on information found by the employer, from one of their social media accounts.

Education & Credential Verifications

Checking an applicant’s qualifications and credentials can give you a clear understanding of their knowledge, specialties and skill sets.

Some candidates may however be tempted to fabricate the results of an educational & credential verifications check, via the use of technology, which can obviously affect the reliability of these kinds of checks.

Reference checks

One of the best ways to ensure that you are hiring the right person, is a reference check. It is advised however that certain rules are adhered to, such as making sure discriminatory questions are avoided.

Recruiters should be vigilant, as acting on a reference that is potentially discriminatory may cause issues, as they may be liable for damages/loss of earnings, if the offer is withdrawn due to a reference of this nature.

KPMG forecasts a decline of UK GDP by 2.6% for 2020, this is on the condition that the COVID-19 pandemic will be contained by the summer, with a predicted sharp recovery during the first half of 2021 as uncertainties that surround the dissipate.

If an even more enduring outbreak would occur, it may prompt a decline of 5.4% this year. Business investment would be particularly hard hit, along with consumer spending, due to COVID-19 related uncertainty and disruptions.
KPMG offer a flat growth forecast for the second half of this year, but also offer a forecast of a sharp recovery in the first half of 2021, with a 1.7% UK GDP growth in 2021.

A contraction of 2.6% in the UK economy during 2020 is expected, due to the impact of the COVID-19 virus, this is according to KPMG UK’s most recent quarterly economic outlook, however a more protracted outbreak may result in perhaps, a more severe effect than the experienced downturn in 2008-2009. In the case of either scenario, the economy is expected to recover at the latest, by the second half of 2021.

The main scenario that KPMG has offered assumes that the measures put in place for public health will stem the rising number of cases by summer.
If this is the case, then the expectations are that the economy will remain flat in the latter half of the year, and will have a strong recovery moving into the first half of 2021, as the uncertainties around the pandemic dispel.
This will see UK GDP decrease by 2.6% this year, but then grow by 1.7% in 2021. However, in the case where the pandemic persists up until the latter half of next year, GDP may contract by 5.4% this year, then a further 1.4% in 2021.

More action will be needed to shore up the UK economy

With recent measures announced by the Chancellor, the significant disruption to economic activity during the first half of the year may see unemployment peak at a relatively low figure of around 5.6% entering May.
KPMG’s predictions are that it will gradually ease to around 4.1% by Q1 of 2021, which will leave the labour market relatively tight once again.
The protection of jobs and incomes will provide in the short term, much needed support of the besieged households of the UK.

Due to the recent quarantine measures, which includes the restrictions on social gatherings, businesses that sell consumer goods and services, are set to face a significant fall in demand. The disruption in the supply chain, as well as loss of workforce and workplace shutdown, will challenge importers and exporters all at the same time, as UK’s key trading partners also head towards a recession. A low inflation, however, may leave the Bank of England room for monetary expansion in order to combat both economic downturn and the turbulence in markets, but with record low interest rates, measures of more creative stimulus will need to be used.