If you’ve ever causally mentioned something – like cat food – within earshot of your home automation devices and then suddenly noticed an uptick in ads for your favorite brand across all platforms on all of your family’s devices, you understand the reality of data privacy today – we have virtually none. From those dreaded phone calls about your auto warranty to pre-qualified credit card offers in the mail to continual texts from every restaurant you’ve visited in the past 12 months, it’s still the Wild West when it comes to what companies can do with your information.
While these types of intrusions are frustrating, keeping your organization’s data – and that of your employees – private is more than an inconvenience; it’s a potential security issue. Cybercriminals look for the path of least resistance to gain access to corporate networks, and that is often through a vulnerable personal account. Here are a few ways your IT team can encourage your employees to boost their data privacy – and some ways to shore up yours:
Securing Personal Information
Don’t Overshare
Perhaps the simplest way for individuals to ensure that their data is not stolen is not to share it in the first place. When dealing with companies either online or over the phone, many will ask for more information than they need. Before you divulge critical personal information, ask if they really need it, and then make sure that they will not save and use that information for anything else in the future or sell it to other companies.
When you are giving your information online, be certain you are only entering it into secure websites from reputable sources. Take the time to make sure you are on the site that you think you are. For example, if you get an email from your bank asking you to verify information, don’t click the link in the email, go directly to their website and see if it requires the same information. Also, don’t fill in fields that are not mandatory.
Be Cautious
While it’s easy to recognize a scam email or call when it’s coming from a prince offering you an inheritance from a country you’ve never heard of, most cybercriminals are a bit more sophisticated in their attacks. Phishing was the number one cybercrime complaint for both individuals and businesses in 2020, leading to $1.8 billion in business losses.
To defend against the more insidious attacks, follow the simple rule of not giving out any personal information over the phone or via email unless you initiate the conversation. In other words, don’t respond to phone or email requests for data. If you believe the need is genuine, hang up and call the public number of the company the request is supposedly coming from or email them directly to be sure you are talking to the right entity.
Guard Personal Information
It’s no secret that our personal information can be found on virtually everything we touch – physically and virtually – from receipts and mail to phones, computers, notebooks, flash drives, and other devices. Before you dispose of any of these, make certain that you are removing all personal information. That means shredding paper before you dispose of it and wiping all electronic devices completely before you donate, sell or discard them. That also means not inputting personal information into any public access computers, such as those in a hotel or library, and also being cautious about which sites you are logging in to from public WiFi. Your banking sites, for example, are best entered through your personal, secured network.) It’s better to be a bit overly cautious about where you leave information than to become the victim of identity fraud.
Change Passwords Frequently
It’s okay to admit it. You probably use the same password – or a derivation of it – for most, if not all, of the sites you access online. This is bad because if a potential hacker can access one of your passwords – say your email – it could potentially give them access to your bank, your work login, and everything else that is digital. Here is a great article with advice on making and keeping safe passwords. Also, make sure to keep passwords private. This can be particularly challenging in a corporate environment, when a fellow employee may need to access something quickly. If you do need to share your password for such a reason, make sure to change it as soon as your coworker concludes their business in your account.
Read the Fine Print
You’ve seen it and most likely ignored it. That annoying pop-up window with screen after screen of fine print makes you hit “accept” at the end before you can continue. Even though it’s boring, tiny, and difficult to read, you need to read the terms and agreements. If you just blindly hit accept, you may be agreeing to let the company sell your information to the highest bidder.
Securing Devices
The following tips apply more to your IT support team or MSP in a corporate environment, but they are worth taking note of in your personal life as well.
Don’t Ignore an Update
The continual stream of programs asking you to update to the latest versions might seem annoying, but they’re critical to keeping your software and hardware safe. Most updates included new security patches and upgraded protections to combat the latest variations of cyberattacks. While you might grumble about taking a few minutes to update software today, imagine how much more time you would lose if you had to rebuild your entire system due to a cyberattack. Allow your IT team the time it needs to install updates and patches.
Purchase and Use Security Software
In your office, your internal IT team should be ensuring that your network and all devices have anti-virus software installed and that it’s up to date. They should also be maintaining your firewall (and putting redundant systems in place) to help prevent attacks from entering your systems. These types of defenses are some of the most effective means your IT professionals have to minimize cyber risk. Take the same precautions on your personal devices to protect your family, and encourage your employees to do the same.
Close Unused Accounts
An open account is an open door into your system – particularly when that account goes unused for any length of time. Whether it’s an application that is no longer being used or the account of an employee who is no longer there, empower your IT support professionals to close unused accounts to keep your networks secure. In your personal life, follow the same rule and closed any accounts that you no longer use.
Don’t Use Public Wi-Fi
As we mentioned above, public Wi-Fi is often unprotected and can be a breeding ground for cyber threats. Here is an article that exposes the dangers of public Wi-Fi and how you can use it wisely – because the reality is that there are times when you must use it. The main point to remember is to never enter any personal information while connected to public Wi-Fi.
Conclusion
When it comes to business and your personal life as well, data privacy is about far more than preventing the occasional spam call or random sales email. Companies can use your private information to target advertisements and promotions to you – whether you want to see them or not. More critically, skilled hackers can use your basic information to break into privileged information like your bank, credit cards, social security number, work access, and any other piece of your life they want to crack. In 2021, the number of consumer identity theft complaints in the U.S. rose to over 1.43 million, according to the FTC. If you want to keep your data private, you have to be diligent and exercise personal responsibility. Likewise, your IT support team has to prioritize data privacy and take the necessary steps to keep your internal networks secure.
Contact us to learn more about data privacy for businesses and speak to one of our IT consultants, who are well-versed in providing fast, friendly, and highly responsive outsourced IT support in California and for small- and medium-sized businesses across the country.
