or because they may often be carelessly used to transmit data over insecure WiFi systems. Mobile devices are covered by a universal security protocol called WPA that is updated from time to time, but a sophisticated hacker may be able to penetrate it. At All Points Relocation Service, “We do not let our employees work on anything other than a company-issued laptop,” Deane points out. This gives the company some control over the security of devices used by employees. A similar policy with phones also makes good sense. How else can businesses protect themselves, their clients and their employees? After AvMed’s data breach, the company agreed to a list of measures that makes a good starting point, beginning with written policies and procedures. Employees were given manda- tory training in security awareness, and mobile devices used by employees were upgraded to a higher level of security, including GPS tracking capability. The company’s password system was overhauled, and all its computers were protected with powerful encryption technology. Also, the level of overall security inside the buildings was increased to reduce the possibility for theft or tampering with office equipment. BROADER TARGETS Today, the cyber risk extends beyond just large obvious targets like insurance companies. Deane says they are not the only ones vulnerable to attack, with smaller companies in different sectors increasingly under threat as well. “Small and medium-sized companies are being targeted more and more,” notes Deane. “Small independent downstream vendors are the ones that we need to get up to speed or gain assurances from that they have a plan to get up to speed. And if they don’t, it has to become part of a procurement process, just the same as pricing.” As Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) is being updated with an eye to the stringent requirements of the European Union’s General Data Protection Regulation (GDPR), it is possible that cyber-security obligations may become federally regulated. Smart companies, however, will introduce robust protections ahead of the curve. A case in point is Relo Japan, which recently announced it has become certified under ISO 27001:2013, an internationally recognized informa- tion security management standard. Relo Japan’s certification was handled by an accredited certification body called Intertek. Firms are also exploring cyber-risk insurance as a protection if an attack does precipitate legal action. Few businesses are covered as of yet, but this is an area that is growing as news of sizeable awards in data-breach class-action suits is becoming more common. The advent of the connected world has made data-handling easier than ever before, but it has engendered privacy risks unknown in the last millennium. These risks must be addressed, or more busi- nesses across all sectors will find themselves facing costly repercus- sions like AvMed. The connected world has made data-handling easier, but it has engendered privacy risks unknown in the last millennium Partner with us for your fast track to success! Contact us today at www.mediaedge.ca or Robert Thompson 647-494-4229 Our winning products and services include: • Buyers Guides • E-Newsletters • Custom Content Marketing • Magazines • Directories • Show Guides • Website Ad Sales • Video • Sponsorship Sales • Social Media • Blogs • E-Books & White Pages • Events • Supplements • Profiles Ready, Set... Fall 2018 PERSPECTIVES 43