- Security TWENTY
- Women in Security
Today is Data Privacy Day. Trying to maintain your privacy online is a little bit like trying to maintain a healthy diet, says Andrew Filev, pictured, founder and CEO, of Silicon Valley-based workplace software firm Wrike.
Everyone has opinions about what the biggest risks are, and conflicting approaches to mitigating them. The way that we work is changing and as a result, so are security risks. Today’s workforce is increasingly mobile, remote and connected to work through the cloud and devices – so your security measures should reflect that.
Ever noticed someone peering over at your phone screen or newspaper when on the tube? Most people look over their shoulder when at an ATM to protect their pin and the same threat exists when you’re sitting in a cafe, shared workspace, or on public transport. Despite its simplicity, a privacy screen that stops wandering eyes from viewing your screen should not be overlooked as a critical piece of the puzzle in protecting your personal data and the data of your employer, clients, or partners. Some apps even have built in blurring features to hide information within them.
Think about it – most apps use your email account to verify your identity. That means if someone can access that account, they have everything they need to reset passwords for your banking, cloud, and even enterprise apps you use at work. Two-factor Authentication (2FA) puts an extra layer of security between your data and would-be threats, to help ensure only you can access it. It’s critical to use 2FA when available on all of your apps to prevent a breach of one app spreading to others. Unfortunately, according to Google engineer Grzegorz Milka, less than 10 percent of Gmail users use 2FA as of 2018.
When you’re collaborating with people outside your organisation, convenience may tempt you to store a document in the cloud and turn on link-sharing to give them access. I strongly recommend resisting this temptation. Instead, keep files password protected with the ability to revoke access and in a platform that provides a record of who has accessed it and when.