The POPI Act was designed for the safe keeping of personal information and ensuring that this personal information is kept secure in an age where cyberthreats are a real ongoing threat. It is known that data can be used for a wide range of purposes, attackers mainly utilise the personal information of company clients, and even employees, to blackmail the relevant company, and/ or individuals involved.
Companies that truly comply with the POPI Act are not simply making minimal changes to their internal processes to avoid fines, they are in fact, finding ways to keep the personal information obtained safe in every possible way.
How can Forbtech assist with the protection of data?
Principle 7 (Security Safeguards) specifies that “all personal information should be kept secured against risk of loss, unauthorised access, interference, modification, destruction or disclosure.”
Having said this, most companies have no idea where their data is being stored. They know that they outsource this task to a company but have no idea of where that information is sent to.
Forbtech offers their customers peace of mind when it comes to the backing up their data.
Our back up is managed by our team of experts, we ensure that there are encryptions put in place on the device, in transit, and lastly to the storage where your data is being backed up. We have 9,000 files that are being backed up every second, that is 283 billion files per year. Our Backup is stored locally, and at seven (7) different sites nationwide.
Forbtech has POPI compliant services that are available, to keep your data under wraps. We advise companies to follow the below procedures:
Storage of documents and databases in the cloud: With cloud storage, it becomes far easier to access, monitor, and maintain documents, and data, while ensuring that it is stored while keeping the requirement of the POPI Act compliance in mind.
Complete backups: Using Cloud, and Microsoft 365 Backup solutions to store multiple copies of the data, will help with the compliancy of the POPI Act, while ensuring that information can never be compromises beyond repair or held ransom.
Put a disaster recovery plan in place: Security breaches, load shedding, fires, and even natural disasters could place data, and information at risk. Having a disaster recovery plan will help with the recovery of information, promptly, and urgently whenever disasters may strike.
Manage ID’s and access: Keeping control over who can access the information stored is important, as this will ensure that confidential information is kept, confidential. Only the relevant parties who require to have access to the relevant information will be able to access it. With Identity and access management monitoring activity to detect unauthorised access attempts is easy.
Perform regular compliance audits: It is not enough to implement secure processes and assume continuous compliance thereafter. Regular compliance audits, and maintenance are required to ensure that personal information stays safe and always stored in line with the POPI Act.
Thank you to Kirsten Rushmer (Sales and Service Liaison) for the assistance with this blog.