Data privacy day 2015

Just in case you haven’t heard, January 28 marks Data Privacy Day, a global initiative designed to raise privacy awareness and promote data protection best practices for businesses, organizations and consumers.

Hacking is of course the most widely reported data privacy issue, with big name companies like Apple, Sony, and Twitter providing a seemingly endless supply of newsworthy headlines. It’s gotten to the point where the hackers themselves have reached a sort of celebrity status – portrayed as misguided heroes fighting the good fight against corporate tyranny.

And while the glitz and glamour of “hacking” continues to make all the headlines, it turns out that the more mundane operations of day-to-day computer use may in fact be the bigger threat in terms of data theft and breaches. According to the Privacy Rights Clearinghouse over 600 million sensitive and private data records have been exposed or stolen over the past decade in the United States alone, with only a portion of those breaches being directly attributed to “hacking”.

What should you be on the lookout for?

Unintended disclosure

Unintended disclosure is a common trap, as most of the online services we use to conduct business and share information are inherently insecure. For example, email, consumer-grade cloud storage, and social networking sites all have data privacy issues that can lead to full-blown data breaches. End-to-end encryption is key here – unfortunately not a feature that all service providers offer.

Hacking or malware

Hacking occurs when an unscrupulous third party gains access to a computer, network or account by exploiting weak passwords and vulnerable software. While big-name hacks routinely make headlines, many hacks go unnoticed for days, months or even years. Keeping your apps up-to-date and using strong passwords can make life difficult for hackers. Accessing your online accounts from trusted networks is a good habit to get into (the local coffee shop just doesn’t cut it). Disconnecting from the Internet entirely may be the only other option.

Payment card fraud

Credit and debit card fraud can also be accomplished without hacking. Skimming devices or cameras installed at point-of-service terminals can quietly copy your data without the typical intrusion signatures hackers leave behind. Stay away from that old beat up ATM in the back corner of that sketchy convenience store.

Insider breach

Employees or contractors can also be the cause of data theft. For example, a disgruntled employee that walks away with confidential data, or a service technician that inadvertently gains access to sensitive files. Protecting data privacy from the “inside out” requires vigilant management of employee passwords, accounts and access permissions. The Chief Privacy Officer is now an essential hire for large organizations and just another hat small business owners must wear.

Physical loss

A lost, discarded or stolen computer, smartphone or tablet is a data breach waiting to happen. Password protecting your computer and encrypting your data can help. Removing hard drives and memory cards before tossing your old computer to the curb is a good idea. Not storing sensitive or private information on devices that could easily be lost or stolen is the best bet.

For more information on how to be a privacy pro, view the Stay Safe Online “privacy checkup” online resource page to learn how to change the privacy and security settings for your online devices and accounts. If you’re using Sync.com for cloud storage you’re already on the right track. Sync provides end-to-end encryption with a data privacy guarantee.