“NEVER DO THAT.” HOW IT PRODUCED A SOCIAL EXPERIMENT
70% of Ukrainians did not pay attention to whom they gave personal data, and 50% reported a secret word in banking – their mother’s maiden name.
The cloud operator GigaCloud conducted a social experiment to test the awareness of Ukrainians about the problem of protecting personal data and how easily they share it. To do this, the operator’s employees went to one of the shopping and entertainment centers in Kyiv.
Visitors to the shopping center were asked to answer three questions about personal data and fill out an anonymous questionnaire in a Google form. The questionnaire was asked to indicate the place of residence, phone number and mother’s maiden name. The experiment was carried out until February 24.
“We showed how scammers operate when they collect sensitive data,” GigaCloud said. – We offered to take an anonymous survey and at the same time asked for personal data. Nobody was surprised. We want to say to all Ukrainians – never do that!
Take care of your data and pay attention to who you provide it to. 10 people took part in the experiment:
- 10 out of 10 entered data into the questionnaire;
- 7 out of 10 did not pay attention to where they entered their data;
- 5 out of 10 indicated their mother’s real maiden name.
The results of the experiment showed that people do not fully understand the value of their personal data and what the consequences could be if it ends up in the hands of fraudsters. At the same time, all the people surveyed believe that data should protect business and the state. But there is another, no less painful side of the issue – a business can store data incorrectly, which makes them easy prey for criminals. According to the IT Governance portal, in January 2022 alone, hackers stole 66 million files, including email addresses, passwords, phone numbers, etc.
“Businesses must securely store the personal data of their customers. Firstly, it is his responsibility, and secondly, it eliminates large fines if the company operates in the EU,” says Artem Kokhanevich, CEO of GigaCloud. — That is why it is in the interests of Ukrainian companies to set up personal data management processes in accordance with the ISO/IEC 27701:2019 standard. In addition, it confirms compliance with the requirements of the GDPR – the general data protection regulation under EU law. So the company will have official confirmation that it has done everything possible to protect personal data, and customers will be sure that their data is stored and processed in accordance with the best world practices. It is for our peace of mind and the peace of mind of our customers that GigaCloud has achieved ISO/IEC 27701:2019 certification.”
HOW CAN CLIENTS KNOW THAT THE COMPANY MEETS INFORMATION PROTECTION STANDARDS?
There are signs that will help customers know that a company is ISO 27701 compliant. The main one is when a business is honest about the processing of personal data, because before collecting data, it must obtain permission from the owner. They do it in different ways. They set pop-up cookies on the site, during a phone call they warn that the conversation can be recorded, or if the client buys something on the site, they ask for consent to the processing of personal data.
“Ukraine has become a candidate for membership in the European Union. To become a full-fledged member, our country needs to carry out a number of reforms and integrate into European standards. You need to start with yourself and your business,” sums up Artem Kokhanevich.
See the GigaCloud material at the link for more details.