When most people hear the word data breach, large companies like Panera, Facebook, Uber, and Equifax come to mind. But, data breaches don’t only happen at large companies. Average end users have data breaches a lot more often since we often leave it up to software companies and app creators to keep us safe. While the majority of companies will put their best foot forward to keep your data secure, it's your responsibility to audit and put in place secondary measures to help keep things that way. The easiest ways to secure your data is by enabling two-factor authentication, encryption, anti-virus precautions, and device wiping. In honor of National Cyber Security Awareness Month, here are our 4 tips on protecting your personal data, straight from our SumnerOne Solutions Team!
1.) Two-Factor Authentication is a Great Defense
This is an example of two-factor authentication working with an online account using a cell phone to add a layer of personal data security:
First, you go to the login page where you enter your username and password. Instead of immediately logging you in the two-factor kicks in. This will then send a text or a call with a one-time code to your device. Once you enter that code, you are then able to access your account. This is just an added layer of account protection that end users can take to secure their data. Two-factor authentication is growing in popularity and is even becoming a requirement by some parent companies to maintain an active account on their website.
Two-factor authentication can be known as 2FA, TFA, two-step verification, or multi-factor authentication. It takes place after you try and login with your username and password. The second factor can be in one of three categories; something you know, something you have or something you are. The something you know could be the answer to a secret question or a pin that is specific to you. Something you have is usually a cell phone or email account that will receive a code to be entered. Lastly, the something you are could be a face scan or a fingerprint using biometric technology.
2.) Encrypting Your Data to Add Security
Encryption is the number one way to secure resting data. By resting data we mean data that is stored on your phone, computer hard drives, or in the cloud. There are quite a few ways data can be encrypted, but here are a few different types you should be aware of:
File Encryption – This level of encryption is keeping the individual file safe. Whether it's sitting on your hard drive or as an attachment, you will still need the key to open that specific file.
Full Disk Encryption – Also know as FDE, this encryption will take a hard drive and encrypt the whole device. This will prevent any access until you enter the key, but once you have the whole disk is now accessible and anything on it.
Pretty Good Privacy – Also known as PGP, this is a method for encrypting emails. When setup, you have a public and private key. You publish your public key for people to use and when they send you a message. The message then can only be decrypted by your private key. Your friends will have to set up one if they want you to be able to send them an encrypted email.
End to End Encryption – This alternative to PGP secures anything that is stored on your account. It makes sure that only you can view your emails even if there is a data breach at the parent company.
3.) Anti-Virus is Needed for Device Security
Whether it's your home or business device, anti-virus should always be used and configured. After being installed many users don't take the time to go into the settings and see how the software is protecting them. Some are set to scan files only when they are open while others will scan a file as soon as it downloads to your machine. The same can be said about full system scans. You want to make sure that those are scheduled, but not at a time when they could impact the performance of your machine while you are working.
4.) Removing Personal Data from Old Devices
Every device we have will ultimately be obsolete one day. When that day comes everyone should have a basic plan on what do. The options for most people are trash, resell or give to a friend or family member. When a device is going to be trashed it is best if you remove the hard drive. After removing it you can then physically destroy it with a hammer or send it to a certified destruction company that will run it through a shredder. If you plan to sell or give your old device away be sure to remove all your personal data. This can be done by using the reset to factory defaults. However, if you want to take it a step further you can get software that will go through and rewrite the drive to make it even harder for someone trying to recover data off your old device.
Recycling an old device is always a great thing to do after you’ve removed your personal information. Whether you’re wanting to recycle an old phone, tablet, or computer, taking this step will remove some clutter from your life and maybe give the device a second chance. The decision is up to you on whether you’d like to recycle or properly destroy your device. Either option is better than leaving an old device sitting around the house collecting dust.
Protecting Your Data is a Multi-Step Approach
There isn’t just one thing that's needed to protect your personal information, but rather a well-rounded approach. When you put these separate pieces together, you'll start to see a security plan that will protect you and your data. From getting your new device and deciding what anti-virus to go with, to deciding what will happen to your devices after they have reached the end of their life cycle. Making decisions to protect personal data on devices is a series of choices that you will continue to make over time as technology evolves.
If you're interested in learning more about protecting your data and implementing a proper security plan, contact the experts at SumnerOne for a security assessment. We will work with you and your business to find the right solution for your needs. Accessibility with security is a phone call away. Click below to contact us to set up your assessment today.
Originally published October 23, 2019, updated January 23, 2019