View from Peter Lancos, CEO
"Welcome to another edition of eXate's Global Data Diaries series, a fortnightly blog series that aims to bring you the latest news, tips and insights from the world of data and data privacy. Today we speak about everyday data privacy."
Many organisations are spending millions on securing their data to make them more resilient to cyber threats and attacks. But what can we, as individuals, do to protect our personal data on a day-to-day basis? A failure to safeguard oneself against these attacks could not only result in exploitation, but also criminal offences against internet users.
The internet has made it very easy for us to stay connected. Platforms such as WhatsApp and Telegram enable people to stay connected anywhere, anytime. That being said, almost every person on the globe is connected to these apps and untold amounts of Personally Identifiable Information (PII) and sensitive information are relayed through these channels.
Some ways in which we can protect our data are:
Be wary of Social Engineering Attempts – It is important to distinguish between emails and messages that look legitimate and those that are fraudulent. Knowing about social engineering attacks such as phishing and CEO fraud can help users protect their data
Two-Step verification – This helps users add an extra layer of security to their end-to-end encrypted messaging account. The process requires setting up of a PIN when resetting and verifying the chat account in case the user’s phone or SIM is stolen or compromised
Consent as a key Privacy Enhancing Technique - When an individual discloses his or her personal information to commercial and other entities, they also grant consent for that information to be used for one or more purposes. Consent is a key principle of most data protection/privacy legislations. One of the main benefits of using consent as a PET is that by not consenting to sharing or storing your data you add the first layer of data protection
Practice the Principle of Least Privilege (PoLP) – According to PoLP (also a very powerful PET), a subject should be given only those privileges needed for it to complete its task. If a subject does not need an access right, the subject should not have that right. Further, the function of the subject (as opposed to its identity) should control the assignment of rights.
Our data is in no doubt one of our most powerful assets. And, with power, comes responsibility. Let us start today but protecting what is rightfully ours. We, at eXate, strive to orchestrate smart data privacy. Read more about our products and the Hard Problems We Solve and our PETs here.
How to Keep Your Passwords, Financial & Personal Information Safe in 2020
Digital Guardian has compiled 101 Data Protection Tips to help you protect your passwords, financial information, and identity online.
15 Examples of Social Engineering: Real-World Attacks
In this article Tessian look at 15 social engineering examples — some big and some recent — all using different techniques. They also highlight the ways to avoid falling victim to these sorts of attacks.
French watchdog says Google Analytics poses data privacy risks
Google Analytics, the world’s most widely used web analytics service developed by Alphabet’s Google, risks giving U.S. intelligence services access to French website users’ data, France’s watchdog CNIL said on Thursday 10th February.