With the rise of the Internet and digital technology, every online activity generates, every second, the processing of billions of personal data at an unprecedented pace. Personal data includes any information that can be used to identify an individual, such as name, address, phone number, and email address. Generally, users are unaware of the risks related to the protection of their data and the rights associated with it. As a result, data protection often presents challenges for IT professionals.
Origins of this Day
The European Data Protection Day is celebrated every year on January 28th to raise awareness about the importance of protecting personal data and privacy. Its aim is to remind individuals and organizations of the importance of safeguarding personal data and how to do so effectively.
This day is officially recognized by the European Union and its member states, as well as by other countries around the world, where it is known as "Privacy Day."
Data Becoming Less and Less Personal
While the collection and processing of personal data provide significant benefits to individuals and especially organizations, they also pose risks to security and privacy. Personal data can be misused, stolen, or shared without consent, leading to serious consequences such as identity theft and financial fraud.
To address these risks, the European Union implemented a comprehensive data protection framework, the General Data Protection Regulation (GDPR), which came into effect in May 2018. It sets strict rules on how personal data can be collected, processed, and stored, giving individuals more control over their data.
What About at La Providence?
Data Protection at La Providence
Olivier Colly, Director of Information Systems, explains in detail the various measures and strategies he has developed over the past 15 years.
Our service activities lead us to collect a lot of personal information in two main areas. Firstly, in the administrative management of employees, through internal software that allows us to generate payslips, for example. Secondly, in resource planning, via an ERP (Enterprise Resource Planning) system, which centralizes the data of our clients. In short, we work to protect your data across all the software used by the group.
Legally governed by the GDPR, the group focuses on best practices and prevention. We regularly conduct hacking exercises with an experienced company to strengthen our protections. Additionally, we maintain an up-to-date register of data processing activities and a mapping of our information systems.
Tools Used to Protect Our Employees
Olivier Colly assures, "It's no longer a question of whether we will suffer an attack, but when." Therefore, the objective is to do everything possible to make the attackers' job more difficult.
To achieve this, the group has adopted several security tools. Firewalls, NDR, EDR, MFA, SOC — these are just some of the acronyms representing the various solutions in place to secure and quickly detect attacks on our networks.
A team of four people ensures the monitoring and development of these systems.
Conclusion
Each year, data security and protection represent a significant budget, but it pays off. So far, no attack has successfully breached the Group. Moreover, our success has been recognized, as our company received a high rating in the Cybervadis evaluation. While this rating is not a guarantee against all risks, it positions us as a trustworthy digital partner.
In conclusion, the only real obstacle to data protection is human error. So, the best advice to avoid being hacked is: stay vigilant.
