Fonality Blog | VoIP, Unified Communications, and Business Tips

What do you need to know about the NDB?

Posted by Australia Fonality

Share:

Google Logo
Here's what you need to know about the notifiable data breaches scheme.

Cyberattacks are part and parcel of modern living. Gone are the days when you could merely shred a document and never see it again. Now, everything we do, from online shopping to social interaction, is recorded. And this means there's a lot of data out there that attackers can steal. 

Yahoo knows this all too well. In 2013, they suffered a major data breach - however by the time it was discovered in 2016, the records of all 3 billion of its users had been stolen. 

The Australian government is also aware of this threat. That's why they introduced the mandatory notifiable data breaches scheme on February 22. What do businesses need to know, and how can you ensure your unified communications system remains secure against cyberthreats?

What is the notifiable data breaches scheme?

The NDB is designed to give consumers sufficient notice to take security precautions in the event that their personal information is stolen.

It affects all entities that already have obligations under the Privacy Act 1988. This means businesses with an annual turnover of $3 million or more. In addition, it applies to all health service providers, credit providers and reporting bodies, companies that trade in personal information, employee associations registered under the Fair Work Act 2009, and tax file number recipients. 

The government now requires all these entities to notify affected customers - as well as the Office of the Australian Information Commissioner (OAIC) - of an eligible data breach. To qualify, a data breach must:

  • Be likely to result in serious harm to the person involved. 
  • The entity can't prevent the likely risk of serious harm with remedial action.

How should businesses notify?

When a business believes an eligible breach has occurred, the OAIC has stipulated that they notify affected people of the following:

  • The organisation's identity and contact details.
  • What happened in the data breach.
  • The kind of information that may have been stolen.
  • Advice for the individual on what to do next. 
When a data breach could cause significant harm, eligible entities must notify their customers. Businesses must notify individuals if the breach may pose a significant risk.

Keeping businesses cybersecure with unified communications

The NDB means businesses need to do their utmost to ensure they remain secure. Fonality has been bringing unified communications (UC) to Australian businesses for years. This means we know how to keep your UC technology secure, and have many in-built features to allow you to do so. 

In addition, keep your UC secure by:

  • Introducing end-to-end encryption, multi-factor authentication and stronger password policies. 
  • Put your UC network behind a firewall that can block undesired traffic.
  • Introduce a VPN for remote users.
  • Update your software regularly.
  • Turn off unusued services. If you aren't using chat, for example, turn that off to reduce the number of areas available for attack.
  • Regularly review system logs to check for undesired traffic. 

Contact Fonality today to find out more about our secure unified communications systems.