Think data protection first, POPIA compliance will come

Issue 9 2020 Infrastructure

Information security and data privacy are at the core of the Protection of Personal Information Act (POPIA). Companies that prioritise the safeguarding of their proprietary and customer data will benefit from better business resilience in the face of increased cybercrime while simultaneously complying with the Act.


Charl Ueckermann.

“A robust and resilient business should be your primary goal. Rather than focusing only on compliance, use this as an opportunity to sharpen your organisation’s data protection capabilities. Once you understand how POPIA and other information security standards, such as ISO27001, can benefit your business, it's like hitting two birds with one stone: you take appropriate and reasonable steps to fine-tune how your business works with confidential information, and compliance follows naturally,” says Charl Ueckermann, CEO at AVeS Cyber Security.

The elements required to protect personal information are the very same elements needed for the protection of other valuable information in a business. CIOs and IT managers should address the confidentiality, integrity and availability of data, and cover both the cyber and physical security aspects of information protection. For instance, controls must be in place to stop employees from accessing or downloading information that they should not be privy to, as well as preventative measures and policies around sharing information in other ways, such as telephonically or by saving information onto a USB device and leaving it lying around.

Identify your data

The first step is to identify which information needs to be protected in the organisation: “Any information that you deem as critical to your business or mentioned in POPIA should be protected. This can include information about employees and customers, product information, research data, financial information and other intellectual property,” says Ueckermann.

Starting with a facilitated POPIA assessment is a productive and cost-effective way to help a business determine how compliant they are with POPIA, which sections of the Act are applicable based on the nature of their operations, and which information should be protected. Different companies in different industries will need to take different steps. Additionally, what applies to a big corporate may not apply to a small or medium-sized business.

“A guided assessment further provides valuable insights into where there are gaps and how to prioritise addressing them. An implementation roadmap often follows a good POPIA assessment to show where to focus information protection efforts to meet POPIA's requirements timeously,” says Ueckermann.

He concludes saying that a proactive approach to information security now will help companies to ensure that their houses are in order, and done cost-effectively, before the POPIA grace period ends in June 2021.

“If you are not already thinking about information security, there is no better time than now. Look beyond compliance and focus on protecting your business, your intellectual property and the stakeholders that are linked to it. As you take steps to take control of your information and organisational processes, you will also prepare for POPIA. The great value-add of having control of your information is that breaches are less likely to be missed and you will have the tools and systems in place to respond quickly to, and recover from, security incidents.”


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Managing stock efficiently and cost-effectively
Asset Management Infrastructure Logistics (Industry)
Rina Redelinghuys, customer services executive at Cquential, a member of the Argility Technology Group, examines stock management across various industries, including retail, fast-moving consumer goods, food and dairy, automotive, apparel, industrial, accessories, paint and chemicals, and pharmaceuticals.

Read more...
Upgrade your PCs to improve security
Information Security Infrastructure
Truly secure technology today must be designed to detect and address unusual activity as it happens, wherever it happens, right down to the BIOS and silicon levels.

Read more...
The hidden cost of cheap networking gear
Duxbury Networking Infrastructure
When it comes to building a network, price is always a consideration, especially in the current economic climate, but there is a difference between smart spending and short-term savings with long-term losses.

Read more...
Open source code can also be open risk
Information Security Infrastructure
Software development has changed significantly over the years, and today, open-source code increasingly forms the foundation of modern applications, with surveys indicating that 60 – 90% of the average application's code base consists of open-source components.

Read more...
Fastest PCIe Gen 5.0 NVMe SSD
Products & Solutions Infrastructure
Sandisk has unveiled the WD_BLACK SN8100 NVMe SSD with PCIe Gen 5.0 technology, an internal SSD delivering speeds up to 14 900 MB/s and capacities up to 4 TB, with 8 TB solutions available soon.

Read more...
Unified storage solution
Products & Solutions Infrastructure
CASA Software has announced the local availability of Nexsan’s upgraded unified storage solution, Unity NV4000, which is ideal for mixed workloads, from virtualisation and video surveillance to secure backup and recovery.

Read more...
Suprema unveils BioStar Air
Suprema neaMetrics News & Events Access Control & Identity Management Infrastructure
Suprema launches BioStar Air, the first cloud-based access control platform designed to natively support biometric authentication and feature true zero-on-premise architecture. BioStar Air simplifies deployment and scales effortlessly to secure SMBs, multi-branch companies, and mixed-use buildings.

Read more...
Back-up securely and restore in seconds
Betatrac Telematic Solutions Editor's Choice Information Security Infrastructure
Betatrac has a solution that enables companies to back-up up to 8 TB of data onto a device and restore it in 30 seconds in an emergency, called Rapid Access Data Recovery (RADR).

Read more...
Advanced surveillance storage from ASBIS
Infrastructure Surveillance Products & Solutions
From a video storage solutions perspective, SkyHawk drives, designed for DVRs and NVRs, offer high capacity, optimised firmware, and a reliability workload rating of hundreds of terabytes per year.

Read more...
Power surges are killing our networks
Duxbury Networking Infrastructure
With power surges and lightning strikes becoming an all-too-familiar threat to South African infrastructure, Duxbury Networking is calling on local installers and network integrators to follow proper grounding protocols.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.