Top five tips for Data Privacy Day

News 28 Jan, 2009

It's the second annual Data Privacy Day - do you know where your data is?

Keep an eye on your own data – that’s the message Intel and other groups are trying to get to the forefront of people’s minds today, with the second annual Data Privacy Day.

With web security and data breaches constantly in the news, it’s hard to imagine this will take much convincing, but malware is spreading at a constantly increasing rate, suggesting people simply aren’t keeping safe online.

It’s no easy task, however, as the average internet user’s data is sprinkled across as many as 800 databases. So what can you do to keep your data the way it should be - private? Here’s five tips from security experts to mark the day.

Use security software

Even the most security savvy people sometimes let their guard down, and such software helps offer an additional line of defence to keep your computer – and increasingly, your mobile phone – free of data-stealing malware.

And if you’re not on top of the latest malware trends, you definitely need up-to-date anti-virus of some sort. “A lot of issues never arise because they’re blocked,” Symantec's Guy Bunker told IT PRO. “If you have security software in place, it gives you an extra level of security.”

On the other side, businesses – and the government – need to start encrypting data. “Going forward an enterprise-wide approach to security must be taken which focuses on defending the data, not simply protecting the network,” said PGP’s Jamie Cowper. “Encryption is key to this strategy and remains the most viable solution for enterprise data protection.”

Install updates

Many updates to operating systems, applications and browsers are to fix discovered flaws in code – as in holes that could let people in to access your data. “It’s still important you update your operating system, apps and browser,” said Bunker. “It’s a bit like cracks in a windshield – it’s a known vulnerability which someone might exploit.”

Indeed, Bunker warned that despite many new computers coming loaded with anti-virus software, people sometimes forget to renew the subscription. “People start out with the best intentions… it comes with anti-malware, but people go away and don’t think about it anymore.”

Use your head

“The key piece is to think about what you’re doing,” said Bunker. “If you’re copying data onto a CD ROM, think about what you’re doing with it.”

The same follows when working online, he said. “If you’re in your office, or sitting around at home, surfing the web, and something asks you to install it, just think twice,” Bunker said. “Most malware is delivered through the browser.”

Businesses can’t ensure every employee uses their head each and every time they come into contact with private data, but they can set better policies, PGP suggested. “Data is now the currency of the internet and organisational policies must reflect that,” Cowper said.

Keep it private

Social networks are increasingly a major target of hackers – and all they often need is access to your profile page.

“One of the big problems is people putting information on social networks,” Symantec’s Bunker explained.

Full names and birthdates might seem innocuous posted on your Facebook page, but it’s simply not. “If they have enough information, say from a social network, then [fraudsters] can even apply for a bank account in your name… you’ll not know until you apply for one yourself.”

Treat data as something worth protecting

People and businesses need to think about how they handle data – their own, and that of others. “You’d like to think other people are looking after yours as well as you are,” Bunker said.

Organisations have seen that there is a problem – it’s hard to miss. But now that they’ve seen something needs to be done, it’s time to take action. “Though organisations recognised the problem in 2008, the year ahead must see a more proactive attitude to data security,” said Cowper.

“For governments, this means putting the correct measures in place to protect citizens’ data within the so-called ‘super-databases’. For enterprises, this means creating robust data protection strategies to reduce the risk of reputational damage in an already turbulent marketplace.”

Click here to read the 11 lessons organisations should have learned about data breaches.