For the tenth annual Data Privacy Day, cybersecurity experts from across the industry offered their advice on how both individuals and organizations can protect their data.
Wes Widner, Norse's director of threat intelligence and machine learning, said in comments emailed to SCMagazine.com, that consumers and vendors should become more familiar with encryption.
“You don't need to have an intimate knowledge of the algorithms used behind the scenes, but know about the various types of encryption that are available,” Widner said.
Widner also recommended users and vendors develop a hierarchy for their data so they know which is more important and requires higher levels of protection. Once this is done, Widner said it's important to develop a corresponding plan on how to protect said data.
Other tips place the security burden on the user so they don't inadvertently let in the bad guys.
Dave Martin, security expert and director at NSFOCUS IB, told SCMagazine.com in emailed comments that consumers should establish a separate or out-of-band communications path with anyone who has contacted them online asking them to verify account information.
“Never use the link they have provided in an email or text, even if it looks authentic,” Martin said. “You should use a new browser tab or window to navigate directly to the site asking for the account information to determine if the request is legitimate,” he said.
Martin also said consumers should always use anti-virus or malware detection programs for their personal machines.
The National Cyber Security Alliance (NCSA) recommended in a in a Jan. 28 post that consumers be more aware of the information they share and understand the true value of personal information.
NCSA researchers said users should “own their online presence” by setting privacy and security controls to their comfort levels and keeping track of what is shared. They pointed out that the once on the internet data is hard to remove so users should always carefully consider how their posts will be perceived by others.
Another handy and readily available tool to enable better data security is using two-step verification or multi-factor authentication whenever it is offered to prevent unauthorized access, the researchers said.
Parental involvement in their children's online life is also imperative with the Electronic Frontier Foundation (EFF). The organization reminded visitors to its website that cybersecurity and privacy extend into the classroom as schools provide students with devices and adopt cloud based education platforms.
The EFF advised parents to ask questions if they are concerned about their student's privacy and to monitor the privacy and security configurations of these devices and platforms, in the organization's tips for student privacy.
The EFF also recommended parents have a clear understanding of what devices and applications their students are using.