January 28 marks the annual celebration of Data Privacy Day, led by the National Cyber Security Alliance (NCSA). This year’s celebration could not come at a better time: Data privacy and security are top of mind, with the recent SolarWinds breach and changes to Whatsapp’s terms of service sparking important discussions about privacy.
We at Virtru think Data Privacy Day is a perfect time to reflect on your own personal and professional data management habits. Here are three questions to ask yourself, and your organization, about managing sensitive information.
1. Who can access my personal and professional data?
Do some research on the social networking, email and communication apps you use, and understand how these platforms are collecting and using your data. Review your past messages to see if you’ve been sending sensitive data—such as credit card information, healthcare data, or login credentials. Sending this data over unencrypted email or messaging platforms isn’t secure.
For organizations, this question is a little deeper: First, examine the level of access your employees have to sensitive data, and whether they actually need that information to do their jobs. Next, understand what employees do with sensitive information. Are they sharing it via email, either internally or externally? Is your organization protecting or encrypting those emails?
Finally, look beyond your organization to the security of your supply chain. As evidenced by the SolarWinds breach and several others in recent years, it’s important to understand where your data is going, across the full extent of your technology partners, vendors and their vendors. For organizations that are stewards of sensitive Personally Identifiable Information (PII) from customers or patients, or subject to compliance regulations, this is especially critical.
2. How can I improve my data privacy?
At the enterprise level, while you may not be able to prevent a breach into your third-party vendors’ systems, you can still protect your data by encrypting it at the object level, and hosting the encryption keys yourself. This gives you an additional layer of protection and control over your data, no matter where it’s shared, so that only you can grant access. In the event that someone gains access they shouldn’t have, you can use Virtru to revoke access at any time.
Take charge of your personal data by understanding and selecting the appropriate privacy options within the apps you use. Evaluate email security best practices, and ensure that you’re not duplicating the same password across platforms. A single password is easier to remember, but it puts you at far greater risk should that password become compromised. Additionally, enable multi-factor authentication whenever possible.
3. What are the most impactful changes I can make, starting today?
It takes time to build strong data privacy and security habits across your entire digital life—especially if you’re managing a team or an entire enterprise. Start with strong steps that make a big impact: Virtru’s end-to-end email encryption gives you a strong layer of security and control that you wouldn’t otherwise have. Changing your one-size-fits-all password to more secure phrases, unique to each account, can also make a big difference.
Make this year’s Data Privacy Day count: Take the first step toward greater control of your data, everywhere it’s shared.
To learn more about how you can take control of your data, contact Virtru today.