Centrify, delivering Zero Trust Security through the power of Next-Gen Access, warns that many Australian businesses need to rethink their approach to security to prepare for the new mandatory data breach notification law taking effect this month.
The Privacy Amendment (Notifiable Data Breaches) Act 2017 enacts the Notifiable Data Breaches (NDB) scheme in Australia from February 22 this year. The NDB scheme mandates that organisations suffering lost or breached data must notify affected customers as soon as they become aware of the breach and also report the incident to the Privacy Commissioner.
The legislation covers information such as personal details, credit reports, credit eligibility details, and tax file number (TFN) records held by organisations including Australian Government agencies, businesses and not-for-profit organisations with an annual turnover of $3 million or more, credit reporting bodies, health service providers, and TFN recipients, among others. Penalties range from fines of $360,000 for individuals to $1.8 million for organisations.
Centrify Senior Director APAC Sales Niall King said many businesses were security “sitting ducks” because their defences were out of date. “Today, businesses use a combination of cloud, on-premises and mobile services, which means traditional perimeter-based security is no longer effective,” he said.
“This is evident from research such as Verizon’s 2017 Data Breach Investigations Report (DBIR) which revealed that compromised identities were responsible for 81 per cent of all data breaches.
“Centrify believes that companies need to adopt a Zero Trust security model which centres on the concept that users inside a network are no more trustworthy than users outside the network.”
Mr King said Centrify-sponsored research in Australia, conducted by Ponemon Institute, revealed that publicised data breaches damaged both corporate value and customer trust. “This study shows that many companies underestimate the true impact of a data breach,” he said.
“Ponemon found the stock value index of 113 randomly selected global companies declined by an average of five per cent on the day a data breach was disclosed and experienced a customer churn rate of as much as seven per cent. Also, one third of Australian consumers impacted by a data breach reported they had discontinued their relationship with the organisation that experienced the breach.
“This is a vital lesson for organisations to learn as Australian law mandates data breach disclosures.”
Mr King said companies needed to re-evaluate their entire security posture from the ground up, by focusing on protecting identities rather than the network perimeter. “The solution is available,” he said.
“Through a unified, integrated solutions offering, Centrify provides identity services for all users across applications, endpoints and infrastructure, allowing organisations to implement Identity-as-a-Service (IDaaS), single sign-on (SSO), multi-factor authentication (MFA), enterprise mobility management (EMM), privileged access management (PAM) and User Behavior Analytics (UBA) technologies.
“This identity-centric rethink of security can directly address the more than 80 per cent of data breaches that arise from compromised identities, which dramatically reduces the risk of having to report a data breach.”
Centrify delivers Zero Trust Security through the power of Next-Gen Access. Centrify verifies every user, validates their device and limits the amount of access and privilege to resources while continually learning & adapting. Centrify Next-Gen Access is the only industry-recognised solution that uniquely converges Identity-as-a-Service (IDaaS), enterprise mobility management (EMM) and privileged access management (PAM.) Over 5,000 worldwide organisations, including over half the Fortune 100 in the US, trust Centrify to proactively secure their businesses.
Centrify is a registered trademark and Centrify Server Suite, Centrify Privilege Service and Centrify Identity Services are trademarks of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners.
- Research shows data breaches carve 5% from share prices As corporations globally recover from recent ransomware attacks, Centrify-commissioned research reveals that many organisations underestimate the true cost of data breaches Centri...
- Centrify named to JMP Securities 2014 'Hot 100' list of best privately held software companies Centrify Corporation announced overnight it has been named on the JMP Securities ‘Hot 100: The Best Privately Held Software Companies’ list for 2014. The report highlights th...
- Centrify delivers identity management to Google for Work Centrify adds support for Android for Work, Chromebooks and secure remote access to Google Compute Engine virtual servers in Google Cloud Platform, while delivering deeper Google A...
- AVG selects Centrify to power AVG CloudCare Centrify and AVG overnight announced that Centrify will power the new AVG CloudCare™ Single Sign-on Identity-as-a-Service (IDaaS) offering. Centrify Corporation is the lead...