Safeguard your information on data privacy day and every other day

January 28th, 2019
corporate risk management

by Herb Brychta, PSP, CISSP  – AE Works Manager, Security Risk Management

 

How much information about you can strangers freely access? How much access do you grant social networks to your personal information? And do you have a contingency plan in place if a breach happens?

Data Privacy Day (January 28th) encourages you to look at these details, ask these types of questions and to look after and protect your privacy. Answering these questions is relevant to safeguard both your business and personal info.

Data breaches have affected some big organizations – Target, Home Depot, Ebay, the Office of Personnel Management, just to name a few. There is already a robust set of examples for data breach settlements. This might be an eye-opening summary. A google search will quickly reveal more breaches.

It’s a safe assumption that your organization has at least as much vulnerability as the above-mentioned organizations. Without the resources of the federal government or a billion-dollar company, how do you secure your data? Here are some things to consider and actions to take to help you safeguard your information:

  1. If you don’t need it, don’t collect it. Little pieces of data here and there add up. Unless there is a business need that outweighs the risk of having a piece of data about a client, employee, or business partner, don’t collect it and don’t store it.
  2. If you collect it, safeguard it. Invest in a robust IT security infrastructure. Hire people who know what they are doing to operate it.
  3. Train your staff on the importance of safeguarding information. Everything from printouts and portable devices that access the data to conversations present a potential breach point.

And for consumers, you can look at the flip side of these recommendations and improve your own personal circumstances.

  1. If someone asks you for information, ask them why. Ask yourself – Does this store really need my address? Do I really need to provide my phone number? Tell them no and see what happens. Consider taking your business elsewhere.
  2. Safeguard your personal information. As an example, do you have electronic copies of your tax returns? Keep these off your computer. Don’t leave them sitting in your email inbox for years and years.
  3. Understand technology risks. Public networks are dangerous. Do you really need to check your bank account balance at Starbucks? Is the airport really the best place to fill out a mortgage application? Do this stuff at home.

 

For more information on AE Works’ Security Risk Management services and to see how we can help assess your facility vulnerabilities and protect what’s important: https://ae-works.com/what/security-risk-management/

Interested in learning more about how a threat and vulnerability assessments of your facilities can benefit your organization? Our team can be reached at aeworksinfo@ae-works.com

Now that is our canstruction_pgh structure is built, we’re inviting our friends over to enjoy a #sixpackcan2019 A… https://t.co/JvRNFSpN3Z

#tbt our canstruction_pgh structures through the years! With over 1,000 cans at the ready, we are excited for Satu… https://t.co/sJjDn5ZDtS

#tbt There have been a lot of business cards passed over the last 12 years – including these classics!… https://t.co/doh9lfBOXc