Happy Data Privacy Day!

Today marks national Data Privacy Day – here are 10 tips to keep your information private and secure while online.

 

1. REVIEW AND TIGHTEN YOUR PRIVACY SETTINGS FOR SOCIAL MEDIA

Your digital footprint is constantly expanding as you share more information online, including status updates, geo-location info, and personal preferences/experiences. Given this, it’s important to control who’s looking at this information – keep your social circle of friends tight and take steps to filter who is viewing your information and updates. Check the privacy settings on your social sites to ensure that your info is only being viewed by people you want to see it. Here are some links to help configure privacy settings for Facebook, LinkedIn, Twitter, WhatsApp, Instagram, and Snapchat.

https://staysafeonline.org/stay-safe-online/managing-your-privacy/manage-privacy-settings/

2. USE COMPLEX AND UNIQUE PASSWORDS

Password management is a critical component of protecting your accounts, online identity and sensitive information. Using unique, complex passwords for each account you own is the first step to take in ensuring that your accounts and personal information aren’t improperly accessed or exposed. Long character counts and a mix of upper and lower case letters and special characters add additional layers of complexity, making your passwords harder to crack and more secure.

3. CHANGE YOUR PASSWORDS EVERY 60-90 DAYS OR IMMEDIATELY AFTER A REPORTED SECURITY BREACH

Changing your passwords every 60-90 days is good data hygiene, and of course changing them immediately following a reported breach is key to keeping your information protected from unwanted hands. If you have a lot of accounts and feel overwhelmed, use a password manager to help you.

4. PUBLIC WI-FI

The main security risk associated with using your own device in a public place is that the WiFi may not be secured, enabling unauthorised people to intercept anything you are doing online. This could include capturing your passwords and reading private emails. This can happen if the connection between your device and the WiFi is not encrypted, or if someone creates a spoof hotspot which fools you into thinking that it is the legitimate one.

  • Unless you are using a secure web page, do not send or receive private information when using public WiFi.

  • Wherever possible, use well-known, commercial hotspot providers such as BT OpenZone or T-Mobile.

  • Ensure you have effective and updated antivirus/antispyware software and firewall running before you use public WiFi.

  • As an alternative, you could use your own dongle or similar device (such as 3’s MiFi), which will provide you with a secure connection. These are available on a pay monthly or pay-as-you-go basis.

  • Don’t leave your computer, smartphone or tablet unattended.

  • Be aware of who is around you and may be watching what you are doing online. Consider using a privacy filter which effectively blocks the view of your screen from people sitting either side of you.

6. ENABLE TWO-FACTOR AUTHENTICATION (2FA) FOR HIGH-VALUE ACCOUNTS

While two-factor authentication (2FA) isn’t bullet-proof, it is an important line of defense against attackers who are trying to access your accounts after your credentials have already been compromised. By requiring a second factor for authentication in addition to your username/password combination, 2FA also prevents brute force attacks aimed at cracking your passwords to gain access to your accounts. 2FA is especially critical for high-value accounts like online banking accounts or any accounts – such as Amazon, Apple, or others – that store or process financial or otherwise private information. While it may be inconvenient to set up, take the time to do it with accounts where you host or access your most sensitive information. Google, Apple, Twitter, Microsoft and Facebook all offer 2FA, among other sites.

7. USE A PASSCODE ON YOUR MOBILE DEVICE

Protecting your devices with passcodes may be the status quo by now, but if you haven’t done this already you really need to do it… now. Device loss and human error are still the most common ways sensitive information is exposed. You can easily misplace your phone or forget it in a restaurant, the back of an Uber, or any other public location. Take steps to avoid easily giving away your personal data by putting this simple safeguard in place.

8. AVOID OVERSHARING ON SOCIAL MEDIA

Cybercriminals often use social profiling and harvest information from social media sites to launch customized social engineering campaigns that capitalize on victims’ trust while exploiting their emotions. Ensure this doesn’t happen to you by filtering what you say on social sites – even if you have tight privacy settings, attackers could still see info you upload if they have control of someone else’s account. There’s no reason to announce your flight plans, post about when you’ll be away from the house or always use geo-location tags for your immediate whereabouts. You’re putting yourself at risk each time you do this. For more tips on how to avoid social oversharing, see our infographic on the subject.

9. KEEP YOUR OPERATING SYSTEM AND ALL SOFTWARE UP-TO-DATE

Software updates typically contain fixes for security vulnerabilities, so it is important to keep any software applications that you run up-to-date at all times in order to reduce your risk of being vulnerable to cyber attacks. This includes your mobile devices as well, as many iOS and Android apps have been known to contain exploitable vulnerabilities. Where possible, enable automatic updates – especially for your AV program (to protect against the latest threats) as well as for Microsoft, Oracle, Java and Adobe, all of which are popular targets for cybercriminals looking to exploit unpatched vulnerabilities and infect your devices.

10. LEARN TO RECOGNIZE AND AVOID PHISHING ATTACKS

Speaking of social engineering and cybercriminals – be on the lookout for phishing attacks. Every minute, someone falls victim to a phishing attack that results in the loss of sensitive information. Phishing attacks began in the mid-1990s and have only increased in frequency since, particularly in the past ten years. Attackers target individuals and deceive them into revealing confidential information by sending fake emails with links to seemingly legitimate websites or infected attachments. Those emails and sites then request private information, such as credit card details and passwords.

Despite their simplicity, phishing scams are still the most potent and popular method of attack because they’re highly successful and easy to deploy, even at large scale. In only 82 seconds – the time it takes from the launch of a phishing scam to a user falling for a malicious link or other trap – one can lose their most valuable personal or financial information. However, there are ways to avoid becoming a victim. Among them:

  • Check your emails with caution

  • Only share information on secure websites

  • Beware of pop-ups and banner ads

  • Check online accounts/bank statements regularly

  • Set spam filters to high and use an AV program

  • Don’t be afraid to report suspicious activity
