January 28th has probably been an insignificant day to most of us for many years.
However, in 2006 the Council of Europe initiated the first Data Protection Day in Europe. In 2008 Data Privacy Day reached the US and was given official status by the United States House of Representatives in 2009 as the National Data Privacy Day.
And so, we are now in 2022, and very little we do is private. We are all targets for some type of fraud. Everywhere we go, physically or virtually, we are asked by businesses or apps for our personal information. People are having their identities stolen, their banking accounts plundered and sometimes falling foul of the law amongst the many incidents occurring due to hacking and phishing.
At VoiceSage, we ensure that the personal data we process from you to conduct business with us is secured using leading commercial solutions ensuring confidentiality, processing integrity, and availability. To maintain these levels of compliance, we are audited annually to ensure our ISO 27001, ISO 27018, PCI DSS Level 1 Ver. 3.2 and Cyber Essentials Plus certifications are maintained.
This is classified as Data Security, and I would recommend that any individual or business wishing to do business with an organization should look for these or any similar type of certification.
Data privacy, although connected and intertwined with data security, is a different kettle of fish.
A relevant analogy I came across describes data security as securing one’s home with alarms and putting burglar bars on one’s windows to prevent or make it difficult for someone to break into your home. While data privacy is like closing one’s curtains or pulling down blinds to prevent people from seeing inside one’s house.
Research has shown that we, as consumers, are far too trusting of organizations, believing that they will protect us. Therefore we pay far too little attention to data privacy beyond knowing not to share our passwords with anyone else.
The security team at VoiceSage, as part of our contribution to Data Privacy Day, would like to leave a few easy takeaways for you, our customers, or end-users to consider in improving and protecting your data privacy. These are:
- Understand the privacy – many businesses or apps as you for a mountain load of personal information before one even uses their services. Make an informed decision as to whether they need it before completing their request, and also whether it will benefit you by providing it.
- Delete unused apps on your internet-connected devices and keep others secure by performing regular security updates when requested by your device manufacturer.
- Manage your privacy – when you have decided to set up a new account or use a new app, check the privacy and security settings on these web services and apps and set them to your level of comfort. A great resource for checking and setting various account settings is Managing Your Privacy Settings
- Protect your data – how does one do this? There are a few basic solutions that one can implement without becoming paranoid or making it difficult to use one’s device.
- Install an antivirus solution on your device. There are many to select from and I would recommend not using a free solution as in today’s times, a premium solution will protect one better due to the services these provide.
- Use unique, complex passwords that are longer than 14 characters. To help and manage these requirements, one of the services that most premium antivirus solutions provide is a password wallet or manager where these passwords are generated and stored.
- Multifactor authentication (MFA / 2FA) – the setting up of providing two pieces of authentication evidence (your credentials) that it is you logging in. This is to protect you in case your password gets hacked. An example of MFA is when one gets asked to provide one’s username and password and then one needs to provide verification which could be to accept or provide a code that was sent to one’s mobile phone or email. These are also sometimes known as One-Time Passwords (OTP).
For those of you with elderly family and friends, help them to understand some of the issues out there as they are prime targets for these villains. Also help them to set up and make their devices secure.
Organizations must respect users’ privacy by implementing policies for safeguarding data and by developing workable processes to ensure these policies are actionable.
A valuable takeaway provided by the National Cyber Security Alliance for the Data Privacy Day is:
STOP. THINK. CONNECT.
Published on: 27th January 2022