This Tuesday, January 28th, marks a significant day of observation. No, it's not another presidential holiday. And you probably won't get the day off from work - at least not without calling in sick. January 28 is in fact Data Privacy Day. Led by the non-profit public-private partnership National Cyber Security Alliance, Data Privacy Day is a concerted, international effort that aims to educate and empower users to better safeguard their personally identifying information and take control of their digital footprint.
The effort stems from the recognition that copious amounts of private data are flowing freely in cyberspace - leaving users inherently vulnerable to identity theft and unauthorized access to their private information. In light of the current IT environment, it behooves all users - from individuals to multi-national corporations - to be vigilant regarding the security of their personal data while applying best practices whenever possible.
Acknowledging data privacy on January 28 isn't arbitrary either. The day commemorates the January 28, 1981 signing of the Convention 108, the first legally binding treaty around privacy and data protection.
So, in the spirit of Data Privacy Day, the team at Fortinet is offering up the top 5 ways to protect your privacy:
It's an oldie but goodie - passwords need to be long and complicated, employing a creative mix of upper and lower case letters, numbers and symbols. It doesn't take a rocket scientist to guess that numerous users will rely on "password" or "12345" as their primary login credential, even for their most sensitive financial and personal accounts (and most hackers aren't rocket scientists.) In fact, these days, brute force attacks can easily bypass most dictionary passwords - a fact also not lost on hackers. So get creative. In that same vein, come up with a creative password for every account. You don't want to give away the keys to the kingdom in the off chance that someone does access your unique and creative password.
There is a litany of rationalizations users make when circumventing security policies at the office. That said, security policies exist for a reason. For example, if security administrators have blocked access to a Web site on your work desktop, there's a good chance that it's a malware or spam site. If data leakage policies prevent you from sending certain information over email, it's likely because that information could damage your organization if it fell into the wrong hands. Pay attention and work with security administrators if a rule prevents you from doing your job. You don't want to be the weak link that exposes the entire company to a malware attack.
Sure, it may be tempting to click on the embedded link in that email or social networking message. It might lead to another cute kitten video. But are you really sure it came from a friend or trusted source? Really? These days, cybercriminals are finding increasingly effective ways of tricking users into clicking on malicious links that can compromise their computers. Their methods include spoofing your friends' email and social media accounts and targeting victims with a personalized - and disarmingly convincing -- message. If a link looks suspicious, it's better to play it safe and hit the delete button.
It's no secret that whatever you share online will stay there for a long, long time. To that end, users need to be fully in control of their privacy settings on all of their social media accounts. Take the time to learn about the various privacy settings and understanding what they mean. In addition, be aware of what information you post online. Personal information such as phone numbers, addresses, full date of birth, travel plans, social security numbers, and financial information should not appear anywhere on your profile. A good rule of thumb might be to refrain from sharing anything that you wouldn't want a college admissions board or future employer to see, among other people. Remember, what you share is only as secure as your most unreliable friend.
Once upon a time, mobile users could freely share texts, emails and IMs in relatively secure environment. But, as Fortinet researcher Axelle Aprville ascertains, those days are long since over. In fact, with the explosion of mobile malware in the last decade, mobile users need to be more security-conscious than ever. That means adjusting privacy settings and limiting access on your device when using public Wi-Fi. It also means relying on strong authentication mechanisms for device access and even implementing mobile security software to detect viruses. Cybercriminals are increasingly turning their cannons on the mobile realm, and users shouldn't get complacent.