Data Protection Refresher

by

At the center of information security exists an ongoing effort to protect confidential information. Cybercriminals are constantly on the offensive, using a variety of tactics in hopes of stealing data and, by extension, money. Here’s a quick refresher of what’s at stake, how it’s vulnerable, and what you can do to ensure the privacy and security of information.

The Type of Data at Stake
On a personal level, home addresses, full names, birthdates, banking numbers, and national ID numbers all represent just a few examples of data that cybercriminals seek out. They also seek confidential corporate information such as business strategies, top-secret recipes or blueprints, employee directories, and more.

How Data gets Stolen
In some cases, data theft involves highly sophisticated cyberattacks. In most cases, however, criminals use social engineering — emotional manipulation tactics designed to mislead people into doing something they shouldn’t. Human error, such as misconfiguring network settings, accidentally leaking information, and using weak passwords, are also common contributors to data theft.

Your Role in Protecting Data
Whenever you’re granted access to sensitive information, you become responsible for its privacy and security. While data protection involves many factors, here’s a quick rundown of the fundamentals:

  • Always follow policy. Organizational policies exist, in part, to ensure that confidential information remains confidential.
  • Use strong, unique passwords. The longer the password, the harder it is to crack. Make sure every account gets its own unique password.
  • Avoid assumptions. You can prevent social engineering attacks by not assuming someone is who they claim and by using situational awareness.
  • Learn the warning signs. Phishing attacks can be identified by common signs like bad grammar, urgent or threatening language, and random links or attachments.
  • Ask questions. If you need clarification on anything, or are simply curious to learn more about protecting data, please ask!
  • Report security incidents immediately. If you see something, say something. The longer an incident goes unreported, the more harm it could cause.

Article retrieved from Data Privacy Fundamentals by The Security Awareness Company – KnowBe4, Inc. (2023)