Data Protection Day, also known as Data Privacy Day in the US, is an annual, internationally recognised day created to raise awareness about data security, and promote privacy and data protection — an issue which has become particularly pressing in recent years, thanks to all of the mainstream media attention on the myriad data breaches rocking businesses and consumers.
Just in this last year, we have seen breaches, ransom attempts and hacks at Marriott, Facebook, Instagram, Burger King, Capital One, Words with Friends, Adobe Creative Cloud, Canva, Microsoft email services, and Fortnite, just to name a handful and there were many more. The totality of the situation, sadly, worldwide would amount to literally millions of attempts on businesses and sites of all sizes and with varying levels of security currently in place.
It’s not just companies, either. While the public openly condemns and loses trust for businesses that are exposed to breach, a staggeringly large percentage of the population see data security as the responsibility of companies. Even when organisations put in increased security in the form of two-factor or multi-factor authentication, a majority of the public opt not to use them.
Why is Data Protection Day Important?
As digitisation sweeps across companies, providing significant opportunities for progress and growth, so too it opens up the opportunity for hackers to infiltrate systems and expose or steal company or customer data.
The challenge most common today is that many organisations are jumping on board with digitisation, while not entirely understanding the risks that it can present and what precautions should be put in place to minimise them. More surprising is the fact that lax security isn’t, as you might expect, associated with SME’s as 52% of the world’s most profitable companies do not publish details on their websites of how they protect the customer’s data which raises the question ‘are they implementing online security’ .
Data Protection Day helps to keep awareness growing across the globe, about what kind of risks are present and what kind of solutions can be applied to neutralise or fight against them. On this day, governments, data protection bodies and others fighting for data protection work to educate and promote best practice to keep data safe. These efforts are directed at both businesses and the public.
Practical Steps to Data Protection
At Authlogics, our entire organisation is built with the specific mission of helping businesses to achieve the highest possible level of security. We have worked with numerous organisations to achieve this, including Salisbury NHS Foundation Trust who we will be supporting on Data Protection Day at their event discussing data protection.
To help you on your journey toward data protection, we want to share the steps we took to secure Salisbury NHS Foundation Trust:
- Password Management
Passwords are at the root of most security breaches. As such, they must be managed appropriately to deter staff from using weak or already breached passwords. Contrary to popular belief, this does not mean using complex passwords; it can be done using an easy to install system Password Security Management (PSM) able to secure the corporate Active Directory and checks all passwords, automatically, against a database of breached passwords to ensure that no breached passwords are used in the business.
- Multi-Factor Authentication
Multi-factor authentication should be, at a minimum, something that you’re considering and planning to move toward. Without eliminating the reliance on passwords alone, systems will remain at risk of breach. Multi-factor authentication helps to add an extra layer of protection in a variety of ways.
Deviceless or 1.5 Factor authentication delivers a one-time code, without the need for a separate physical device, while 2-Factor Authentication solutions could use smartphone solutions which use fingerprint or face ID.
- Create a Culture of Cybersecurity
Introducing new solutions to staff and customers can be daunting, and communication is essential to getting everyone on board. Cybersecurity is important and is taken most seriously when it is effectively explained to staff and customers.
We advise creating staff handbooks and regular updates about cybersecurity. Similar communication should be crafted for customers so that they can understand the benefits and get on board with your solutions.
To learn more about Data Protection Day or how Authlogics can help secure your business, give us a call.