- Security TWENTY
- Women in Security
Sunday, January 28, was Data Privacy Day; but shouldn’t every day be Data Privacy Day?! IT and cyber security people have warned that the deadline is nearing for the European Union-wide general data protection regulation coming into force across the EU – and that includes the UK, regardless of the 2016 vote for Brexit.
You can find out more about the GDPR at the website of the data protection regulator, the Information Commissioner’s Office (ICO). The cyber and information security awareness consultancy Advent IM, in an effort to make the topic more digestible, have come up with something to occupy your attention at your tea break: a crossword on the theme of GDPR.
If you are old-fashioned enough to want to print off the crossword so you can get to work on it with pen and paper, visit http://www.advent-im.co.uk/wp-content/uploads/2018/01/DPD18-Crossword-v1.3.pdf.
And remember, looking up the answers isn’t really the point.
Meanwhile, what should any of us do? Joseph Carson, Chief Security Scientist at Thycotic, an account access management product firm, suggests:
1) Limit Personal Identifiable Information on Social Media
Whether you are about to create a new social media account or if you already have an existing account make sure that you only enter the basic information required to get the account activated and not to put excessive information that could put you at risk. Many social media services will try to tempt you to put more information like date of birth, home address, location details and mobile numbers to make it easier for other people to find you but in fact this increases cyber security risks and cyber criminals can also find this information. If you have already added this information set them to hidden or remove them from your profile.
2) Limit on how often you like a status or follow a page or allow an application to access your social media profile
When using social media on a daily basis be aware of the risks of liking, following pages or allowing different applications to access your profile as when access is provided many people do not have a good cyber hygiene on cleaning them up when no longer required. Note that information is shared and unless they get revoked they will continue to have access to your profile data for example, name, email, address and likes friends etc. On occasion go into your account and review what you have approved access and decide whether it would no longer have access and revoke them.
3) Before “clicking” stop, think and check if it is expected, valid and trusted
We are a society of clickers; we like to click on things for example hyperlinks. Always be cautious of receiving any message with a hyperlink and ask yourself was this expected, do I know the person who is sending it and on occasions ask the person did they actual sending you something before clicking on something which might be malware, ransomware, a remote access tool or something that could steal or access your data. Nearly 30% of people will click on malicious links and we need to be more aware and cautious. Before clicking, stop and think.