Strengthening Your Data Privacy in Five Easy Steps
Yearly, on January 28, the United States celebrates Data Privacy Day. While the holiday only comes annually, protecting the privacy of your data should be part of routine maintenance like washing your car or sweeping your floors. It’s easy to get caught up in the intensity of the workplace—but just as it’s important to educate and reiterate cybersecurity awareness, it’s critical to spotlight data privacy as an essential practice as a corporate citizen.
There are a lot of simple things that organizations and their employees can do to get ahead of potential data privacy issues and to stay compliant with IT department best practices.
Top Five Data Privacy Actions for End Users
End users can increase their data privacy and security posture on their own. A few tips that can be put in place to help end users, include:
- Review privacy settings on social media accounts, especially since most platforms update their policies regularly.
- Triple check the most recent terms and conditions for your social media, ecommerce, or online tools. It’s important to understand how the vendors you use are collecting and sharing your data.
- Stop using unsanctioned tools to share data. If you use a tool that your IT department genuinely doesn’t have an alternative for or the alternative is difficult to use, advocate for user-friendly options with your management and IT teams.
- Flag suspicious looking emails for IT as they could be a social engineering scam, phishing scam, or spoofing.
- Don’t forget security 101 tips like regularly changing your password, using authorized tools/devices, etc.
Top Five Data Privacy Actions for IT Teams
For IT teams, there are a number of tips that can be put in place to support end users and improve data privacy, including:
- Review and, if needed, refresh corporate privacy and data security policies as well as incident response plans. A yearly check on these polices insures the organization against possible leaks or data loss.
- Perform a security audit to make sure you’ve minimized any potential vulnerabilities where possible.
- Review user account access and permissions for data collaboration platforms, file transfer solutions, or shared applications, ensuring that those who have access should have access.
- Schedule or perform a yearly cybersecurity awareness training. Include privacy best practices and policy overviews so that employees are as educated as possible.
- To evaluate tool effectiveness, conduct a survey on end user preferences and challenges with current IT solutions offered. You might be surprised what you’ll learn just by asking!
This year’s Data Privacy Day is a good reminder that we all must remain vigilant in the pursuit of data privacy and security.
Data Privacy Resources
Your IT team understands the importance of securing the network against data breaches from external threats. Regardless of your efforts, data breaches usually begin at home, inside your network, because of lax or unenforced security policies.
Insider threats are now the most prevalent data incidents, representing nearly 70% of all data leaks.*
Are you doing enough to prevent the data leaks? Have you...
- Secured your firewall,
- Made your employees change their passwords every 90 days,
- Ensured that users’ laptops are using hardened security settings,
- Implemented an annual, required security briefing on the importance of strong passwords and locking the keyboard when leaving your desk?
That's not enough. An organization needs a good layered security policy with multiple layers of defense to protect against these incidents. The security policy should educate users about how they can help protect company information and the consequences if they don’t.
In this whitepaper we discuss three of those layers most commonly targeted: the network, the data, and the users.
*2016 Data Security Incident Report, BakerHostetler