Who’d have believed it – there’s a Data Privacy Day – Monday 28th January 2019.
Data Privacy Day (or Data Protection Day) was originally created by the Council of Europe in 1981 to commemorate the first binding multi-country data protection convention. It is now celebrated by more than 50 countries around the world who have signed up to the convention and was updated last year to be consistent with the GDPR.
It is of course important for us in the UK and Europe given the passing into law of the General Data Protection Regulations in May last year.
We’ve written this article for both our business and personal customers with a few simple reminders on how to maintain data privacy. First off for business, then for personal readers:
- Educate your staff! Coincidently (or not!) we are running a security awareness training session for staff on Tuesday 29th January 2019. You can find out more and reserve your place here.
- Implement Access Controls on all your applications – only provide application access to staff that need access, use passphrases more than passwords and apply multi-factor authentication when you can. Just remember haveibeenpwnd.com lists 5,695,973,891 pwned accounts!
- Keep a clean machine: Your should have clear rules for what staff can install and keep on their work computers.
- When in doubt, throw it out: Staff should know not to open suspicious links in email, tweets, posts, online ads, messages or attachments – even if they know the source. Staff should also be instructed about your company’s spam filters and how to use them to prevent unwanted, harmful email. Read our article on phishing emails.
- Back up data: Put in place a system – either in the cloud or via separate hard drive storage – that makes electronic copies of the key information on a regular basis. Read our blog on backups.
Take the opportunity to promote “Data Privacy Day” to your staff.
Data privacy for our personal customers:
- Share with care – its easy to get carried away with the personal information you share online, such as with Google, Facebook and Twitter etc. But just ensure you are comfortable with what you share and who you share it with. Last year we saw in the Facebook / Cambridge Analytica fiasco how much information can be shared without our permission. You can read how to set Facebook privacy settings here and Google settings here.
- Look for the “S” in HTTPS, but be careful. Sites that start with HTTPS (such as https://paac-it.com) are secure and the data between your device and the website is encrypted. However, that does not mean you are on the right site. The bad guys do fake websites which can be difficult to distinguish from the original: such as https://paacit.com – only a small difference from the genuine website.
- Have I been pwned? In this context we mean your account has been hacked and your information published by the bad guys. You can head over to haveibeenpwnd.com and enter your email to see if it has been hacked. If yes, we suggest you change your email password quickly. haveibeenpwnd.com lists 5,695,973,891 pwned accounts!
- If in doubt, throw it out. Do not to open suspicious links in email, tweets, posts, online ads, messages or attachments – even if you know the source. Read our article on phishing emails.
- Keep a clean machine – Keep the software on your computing device (PC, Mac, tablet etc) up to date and only with software that you need. The less software and more current it is, the less likely is the chance of attack. Use recognised security software.
- Use parental controls to protect children online. Most ISPs such as Sky, BT and Virgin provide parental controls as does most security software.
Enjoy your online experience – but be careful.
Got some questions or like to know more? Just call us on 01428 770 290.