Nine Tips for Achieving Better Data Privacy

With an increasing proportion of daily business and personal life being conducted digitally, data security and privacy has never been a more important issue.

Theft and misuse of data can have big implications for those who are targeted as we have recently seen with the breaches at Optus, Medibank and Latitude Financial.  Cybercriminals can use data to access personal accounts, steal identities, and stage ransom demands by threatening to make the details public.

During Privacy Awareness Week, it is worth taking time to consider some of the practical steps that both individuals and businesses can take to improve their level of data security and privacy. Taking these steps now could avoid costly implications later. Nine top steps include:

  1. Understand where your data is being used and stored:
    Modern daily life requires most people to share personal data with a wide range of organisations. These include banks and other financial institutions, healthcare providers, retailers, and service operators.

    Actively assess how many organisations have your data and how well it is being managed. It is also a smart step to take advantage of services offered by companies such as Equifax. These companies can monitor your personal details, identity documents and report any incidents back to you for action.

  2. Undertake dark-web monitoring:
    It can be worth taking advantage of a service that actively scans the dark web for personal or commercially sensitive data. This will flag any misuse and allow the business to take steps to overcome any issues before they cause problems.
  3. Use a CASB:
    A Cloud Access Security Broker (CASB) is a useful business tool that can help protect sensitive data from misuse. A CASB sits between cloud service users and cloud applications. It can provide details on where business data is being stored and where it is being used. A CASB can also scan documents and determine which contain sensitive or personal details and should be given higher levels of security (Data Loss prevention)
  4. Screen calls, emails and texts:
    Potential security breaches can come in the form of scam calls and emails seeking personal details. For this reason, it’s wise to screen all calls from unknown numbers and treat unexpected emails with caution. Unintentionally providing personal data to an unintended party can have significant ongoing implications.
  5. Limit the amount of data shared online:
    Modern online life is full of instances where organisations seek personal details. It’s good to have a policy of only sharing the minimum of what is needed to access a resource or service. If possible, it is also wise to seek its removal once that resource or service is no longer required.
  6. Forward physical mail:
    If you are shifting house or relocating a business, ensure that physical mail is forwarded to a new address. Many instances of data misuse stem from details that have been gleaned from mail, so keeping it out of criminal hands is vital.
  7. Use a password manager:
    It’s important to have unique passwords for each website and service being used online, but remembering them can become challenging. Instead, make use of a good-quality password manager which stores them securely and only makes them available when you enter a single, master password. This combined with MFA (Multi-factor Authentication) is a powerful way to reduce your risk.
  8. Use a VPN when in public locations:
    Virtual Private Networks (VPNs) keen data transmitted over the internet secure from prying eyes. Always use one when connecting to public networks or those where the level of security is unknown.
  9. If a breach occurs, seek assistance:
    If personal data is stolen, it’s important to seek assistance. There are a range of specialist services that can step you through the process of overcoming the issue and getting your digital life back on line. Such assistance is available for both individuals and businesses.

Keeping personal data private and secure is going to be an increasing challenge as more of daily life occurs digitally. By taking these key steps, security can be tightened and the chances of falling victim lowered.

Spend some time during Privacy Awareness Week to check just how secure your personal data actually is and what needs to be done.

Murray Mills is Head of Cyber Security at Tecala
Murray Mills
Murray Mills is Head of Cyber Security at Tecala and has two decades of consulting, systems engineering and service operations experience in the IT industry. He is currently responsible for assisting clients with technical account management as well as the design and architectural governance in support of their cyber security postures. Mills previously worked at Leighton Contractors in several roles, including as Service Delivery Lead and IT Senior Systems Engineer, and at Red Zed Technologies as Systems Engineer. He is a Certified Information Systems Security Professional.