I&M Bank House, 5th Floor, 2nd Ngong Avenue, Upper Hill, Nairobi, Kenya

Our Clients in Software Development Industry

Data protection and cybersecurity are crucial issues in the software development industry, as software development companies handle sensitive client data and confidential development information. One example of a data protection case study in the software development industry is the 2017 data breach at GitHub, a popular software development platform.

 

  • We provided full-time outsourced data protection officer.
  • We audited the client’s organizational policies and amended various policies in line with regulatory requirements.
  • We drafted relevant data protection and privacy policies

 

In May 2017, GitHub, a popular software development platform, announced that a data breach had occurred in which a number of user account details were accessed by an unauthorized party. The company immediately reset the affected users’ passwords, but it was later revealed that the breach had been caused by a phishing attack in which the attackers gained access to a GitHub employee’s email account and used it to reset the passwords of other accounts.

The incident caused concern among GitHub users, as the platform is widely used by software developers to store and share sensitive client data and confidential development information. In response, GitHub implemented new security measures to prevent future breaches, including multi-factor authentication and increased employee training on cybersecurity best practices.

This incident highlights the importance of data protection and cybersecurity in the software development industry, as well as the need for companies to have robust security measures in place to protect against phishing and other types of cyber attacks. Additionally, it is important for software development companies to have an incident response plan in place and to train employees on how to identify and respond to potential cyber-attacks.

Furthermore, software development companies also need to adhere to regulations and compliance standards such as SOC 2 and PCI DSS (Payment Card Industry Data Security Standard) which are designed to protect sensitive client data and confidential development information.