It seems that every other day we hear of another data breach. As our use of electronics and data increases, so too does the opportunity for that data to fall into the wrong hands. According to the Identity Theft Resource Center, more than 550 breaches have already occurred in the first six months of 2018. In six months, over 17 million records have been exposed. Twelve percent of those breaches were in the banking/credit/financial sector; nearly 45 percent occurred in business.
Those are just the reported breaches.
There could be more.
On May 25, 2018, one of the most significant changes to European Union (EU) privacy law went into effect. The new General Data Protection Regulation (GDPR) provides assurance for individuals that their data is not collected and/or used either in Europe or abroad without their express consent, giving EU citizens greater control over their personal data and how it is used and protected. GDPR requires that companies notify users and authorities within 72 hours once a data breach is discovered so that individuals may do whatever necessary to protect their personal data.
According to GDPR, “personal data” refers to everything from name, email, address, date of birth, and personal interests to photos, social posts, and more. Every company that does business with EU customers—regardless of the company’s location—is required to comply with GDPR, including those here in the United States.
But GDPR doesn’t just affect your communications: Its reach is much, much farther.
Is There a Leak in Your Spreadsheet?
Believe it or not, GDPR has implications for your spreadsheets, too. This might make you wonder. How are my spreadsheets involved? I’m just crunching numbers for my department.
It’s fairly typical for finance teams to send spreadsheets back and forth via email during budgeting, planning, and performance tracking every single month. Almost every one of those spreadsheets likely contains highly confidential information that falls under the “personal data” description of GDPR. Thus, sharing confidential data in spreadsheets via email means that you’re putting your company at risk of a data breach, that is, “an incident leading to destruction, loss, alteration, unauthorized disclosure of, or access to personal data.”
If you’re struggling to imagine how a data breach could occur in this situation, think of any time you’ve received an email from a colleague that is completely unrelated to your job function only to receive a follow-up message asking you to disregard the message sent to you in error. Most of us shrug and delete the rogue email.
However, GDPR constitutes this as a data breach risk.
Don’t Run the Risk
Emailing sensitive financial documents—even if you only plan to email within your financial team—carries risk of both loss and misuse of information. Finance teams should be aware of how information could get lost, best practices for data encryption, protecting data in transit, and how information could be misused and by whom.
With more than 750 million Excel users worldwide, there’s little chance that Excel use is going to go away any time soon. So, the challenge remains to uncover ways to integrate spreadsheets into solutions that minimize or eliminate the large-scale data migration issues.
Easy Compliance (Really!)
Data protection for all those spreadsheets zooming around from your finance team may seem like a daunting responsibility, but it doesn’t have to be. With platforms like insightsoftware’s Spreadsheet Server, users already have access to pull real-time reports into Excel and create automated reporting processes that save hundreds of hours each year.
Included in Spreadsheet Server is a handy tool called Distribution Manager. This feature is a big part of the time-savings offered by Spreadsheet Server, as it eliminates the need to manually save and attach multiple versions of an Excel report to emails going out across teams and entire organizations. With Distribution Manager, users set up a send list one time in Excel, specifically denoting teams or individuals who need to receive the report. This eliminates the chance of clicking the wrong name in autofill and accidentally sending your sensitive company financials to Uncle Bob or an intern.
Not only does Distribution Manager allow you to easily control who gets your reports, it also allows you to control the format. Send the full workbook to your CFO, but only send one worksheet to a department head. Modify cell contents on send so that only a specific department result shows. Convert formulas to values and protect worksheet calculations, add passwords, or change the file type to a pdf on the send to protect all data. You are in control of the data, and you can have total confidence in where it’s being sent and how. Compliance never felt so good!
GDPR compliance can seem intimidating. You can worry less with Spreadsheet Server and Distribution Manager. Let us help you bolster that compliance today.