Jan. 28, 2022
About personal and corporate data privacy
Data Privacy Day is the perfect occasion to review good practices for handling personal data.
Personal data protection begins with one’s habits. Let’s look at some examples closely.
We share what needs to stay private
(Bad Habit No. 1)
We share a lot on social media. A trip to the south coast of France. Buying a new phone in an online store. Dining at a restaurant. These and other life events are described in personal feeds, accompanied by flashy photos. We also like to complain about our banks, phone operators, and other organizations.
Any information we share, even if it seems insignificant, makes us more vulnerable to attackers. A scammer may contact us and tell us that the payment for a recent purchase (which we shared on Instagram) through our bank (which we wrote about on Facebook not so long ago) was not completed successfully, and in order to finalize the transaction, we must re-enter the bank details on a dedicated web page — we will get the address in a moment via SMS.
What can you do
First of all, use social media responsibly. Remember that once something is on the web, it’s out there forever and could potentially be seen by anyone.
Be wary of any attempt to push you into action or make you share sensitive data. If you get a call from your bank, postal service, or a government agency, don’t do anything in a rush, even if the caller gets your name right and provides other information. If it’s your bank calling, ask for the person’s name and the branch and department they work in. Offer to call them back on the phone number available on the bank or branch web page.
You should also be careful about any type of messages supposedly sent by banks, well-known companies, and government agencies.
We use weak or identical passwords
(Bad Habit No. 2)
When creating and handling passwords, we often make at least one of the mistakes from this list, and often all of them at once:
- we use the same passwords for various accounts
- our passwords are very easy to guess
- we store passwords in an unsecured environment
- we rely on the password so much that we neglect two-factor authentication (when in addition to entering a password, you need to pass additional verification to log in to an account, for example, through an SMS code)
There are many scenarios in which neglecting the password usage rules can lead to significant consequences.
When we select a password for an online service, we not only determine the degree of account protection, but also entrust that password to the service for safekeeping. If fraudsters manage to gain access to the password database of users of this service, our password, along with our email address, will end up in one of the hundreds of databases traded on specialized forums. The combination of our username and password can then be used to attempt to log in to our social media pages and other services.
What can you do
Password discipline only comes when the right habits are successfully learned. First of all, you should use two-factor authentication when working with email, banking, and financial services, as well as when using social media.
There are password managers that can help you balance security with comfort. These tools store data using encryption, generate character combinations to make strong passwords, and may even remind you to change your passwords at certain intervals.
When choosing a password manager, check the reviews of experts and users. Business owners and companies turn directly to information security experts for advice when choosing a password manager.
We don't lock unattended devices
(Bad Habit No. 3)
This problem can often be seen in offices when an employee leaves their desk with an important document still open on the screen of an unlocked device. Sometimes, there is also the person’s unlocked phone with an open messaging app left next to the computer.
What can you do
Go to your device settings and select the option to make it lock automatically if not used for several minutes.
There are keyboard shortcuts that make it easy to lock your computer — do it when you walk away from your device:
- Mac — Control+Command+Q
- Windows — Windows+L
We use public Wi-Fi hotspots
(Bad Habit No. 4)
By using public Wi-Fi access points, we give scammers the opportunity to intercept our data. Encryption protocols used by most online services provide a good level of protection, but they are still not 100% reliable.
You should use only trusted access points and mobile communication.
Data privacy in a corporate setting?
- It is recommended to use an email configured by the in-house IT team to communicate important information within the company.
- Work correspondence must remain within the email or the messaging apps approved by the in-house IT team.
- There must be a procedure in place for data storage and the use of physical data storage devices.
- Your company most likely has a manual, leaflet, handbook, or another similar document that describes the data handling regulations. You can request such a document from the HR and IT departments. If you have a specific question concerning the company’s data security policies, you can contact the Compliance, Law, and System Administrators’ Department.
- Establish a backup phone and email and connect all your crucial accounts to them. Never use these backup accounts anywhere else, but make sure they stay operational. They might be your only chance to restore your data.