Data Privacy Day – 5 Ways to Secure Data
Data Privacy day is celebrated globally on the 28th of January. The goal of the day is to increase awareness on ways to secure data.
Some things like employing a password manager, and being aware of what is personally identifiable information can go a long way to improving your own data protection, and securing your personal information online.
This year, Brush is committed to celebrating Data Privacy Day by sharing some ways to secure data online.
5 Ways to Secure Data and Enhance Data Protection
1. Enable 2 Factor or Multi-factor Authentication
When it comes to the world of social media and online shopping one of the most effective steps everyone can take at securing their account is to enable to additional security options offered for authentication.
2 Factor or Multi-factor Authentication will require when you log into your account that you enter something you know (like your password) and something you have. The something you have could be a code texted to your mobile device or generated through an app like Authy, or a fingerprint scan.
These additional steps make it harder for someone who has maliciously gained your password to access your account.
According to the Cybersecurity and Infrastructure Security Agency (CISA), “Implementing MFA can make you 99% less likely to get hacked”.
For accounts like social media, banking, online shopping, this one step can enhance the protection of your personally identifiable information immediately. It’s not a silver bullet, but it significantly increases your protection.
2. Use Strong and Unique Passwords
The days of using Password123 or 123456 as your password should be long gone, yet many users still use very common passwords.
One of the easiest ways to ensure that your personally information online remains secure is strengthening your passwords.
By extending your password length from 8 to 12 characters you can immediately make it more challenging for someone to hack your password.
According to research done by Hive Systems, the average time to crack an 8-character password would be 39 minutes.
However, if you increase your password length to 12 characters you can increase that length of time to 3,000 years.
The Easiest Way to Secure Data
One of the easiest ways to increase your password length without sacrificing being able to remember it is to create pass phrases.
These phrases can help make it easier to remember and recall your password.
We recommend our users choose 2-3 things that are unrelated to each other and have some great ways to help with password memory.
If a website requires additional complexity, you can always build it into those words with things like a number or symbol in place of a letter.
Another best practice for data protection is to make sure that you aren’t using a single password for everything.
The risk when we do that is that if a privacy leak happens on one site, all of your personal information is now at risk.
3. Be Watchful for Phishing and Smishing
Phishing has become a much more known element in recent years.
Threats have evolved intensely beyond the original “Nigerian Prince asking for money” schemes.
These phishing scams now can vary from laughably bad, to extremely sophisticated attacks.
The best prevention and protection for date privacy is to be watchful from the beginning.
Smishing is a gaining traction as another common attack approach risking individual and corporate data privacy.
These attacks will target users via SMS or text message and ask them for funds, gift cards, access.
In either case, the most important thing to do is pause and verify before you click or send anything.
According to Statista, there are over 611,800 known Phishing sites detected worldwide.
Red Flags to Avoid as a Way to Secure Data
- A request that doesn’t make sense given the circumstance.Would your CEO really text you on your first week and ask you to go purchase $500 gift cards from Walmart for him?This should be a red flag.
- Email addresses that don’t align with the sender.We see email addresses spoofed often in these attacks where it will say one name like Jen Dalton as the sender.Upon inspection the email address behind it is something similar to 128848@notbrushclaims.com.
- Another common attempt is to gain access to someone’s email history and send a spoofed email in reply to a valid former conversation.The red flag to watch for here would be a reply to a conversation in a time frame that doesn’t make sense.(i.e. Asking you to look at an invoice when you haven’t worked with that vendor in over a year)
- Suspicious URLs are one of the easiest ways for threat actors to try and gain access to your data.Hovering your mouse over links to view the underlying URL can be a quick verification. If it’s not an expected email you should validate it externally.An example would be an email saying your Facebook account request was processed but you don’t recall requesting one. Instead of clicking the link, log into Facebook directly.