By Mike Peterman
Today, January 28, 2019, is Data Privacy Day (DPD).
Every year since 2008, the National Cyber Security Alliance (NCSA) has led an effort to promote and educate consumers on the importance of data privacy. New privacy and data regulations like the GDPR (General Data Protection Regulation) and the California Consumer Privacy Act have been making headlines in the industry over the past year. With more regulations likely to come, it seems fitting that this year’s theme for DPD is called “A New Era in Privacy.”
During a live broadcast today, privacy experts from NCSA, FTC, LinkedIn, and Verizon will discuss the recent changes in the privacy dynamic and what they mean for consumers and businesses.
DPD is also a good opportunity for everyone to reflect on their current risk.
Whether you’re an everyday end-user, or a company that stores sensitive information, it’s important for you to understand what data you have and identify what’s important to you or your clients.
For businesses, it’s important to identify and classify the data you collect and to be clear about why you are collecting it. Consumers want to know why you have or need certain types of data, that you are only using it for the intended purposes, and that you are keeping it secure.
An important step in keeping data secure is knowing what data you have.
If you identify all the information you have about a company or an individual, and classify all the data that is sensitive or PII (Personally Identifiable Information), then you can assign protections and controls that will help to keep that data out of the public domain.
For everyday consumers, one of the most important initial things to do is to identify all the sites, apps, businesses or devices that you have an “account” with.
What email account was used to register?
Do you have different emails for different types of accounts?
What password was used?
Are all your passwords unique or are they all the same?
You can reduce your risk by using different email addresses for banking and social media, much as someone would keep their work email separate from their personal email.
It’s also important to use different passwords for different websites. Most importantly, do not use the password that logs you in to your email account on any other site. If you use the same email and password on 20 different websites, all it takes is for one website, or even one person at one of those companies, to make a mistake, and someone could potentially have access to your entire digital life.
No matter how obscure your email is, or how long and complex your password is, if that combination is used for every account, then you are putting all your privacy and security in the hands of others. Unfortunately, it is possible you won’t know you were hacked or your information was breached until it’s too late.
For more information about how to protect yourself and/or your customers, look at the links below from the United States Computer Emergency Readiness Team (US-CERT) and the NCSA’s “Stay Safe Online” website:
- Managing Your Privacy
- Safeguarding Your Data
- Protecting Your Privacy
- How Anonymous Are You
- Choosing and Protecting Passwords