In a world ruled by data, it is frightening to think how few people take protecting their information seriously. While it has become easy to share everything from your email address and mobile number to more sensitive things such as your ID number and other personal details, what are the consequences of not safeguarding your data?
“The likes of GDPR and POPI (which many consider being a first iteration of the former on South African shores) are forcing organisations to take the necessary steps to protect data and manage it properly. But when it comes to individuals, whether that be as consumers or employees, more needs to be done to educate them on the seriousness of a compromise or not having backups in place,” says Trent Odgers, Cloud and Hosting Manager, Africa at Veeam.
Although this data regulation helps keep organisations in line with legal requirements, consumers do still carry responsibility for protecting their personal data. This data can take the form of photographs, documents, and other important records that are increasingly stored on cloud-based services in addition to ID numbers, bank details, and so on.
“It all starts by questioning everything in the digital world. People need to understand what they are agreeing to, and the trade-off, especially when it comes to mobile apps and freely available services. The majority simply accept the terms and conditions without reading them through. And while not accepting them will mean being unable to use a specific app or service, sometimes it is better than the alternative of having personal data spread across the Web. This is especially in the case of anything free. Ask yourself, why is it free and then you might think twice before unknowingly handing an organisation all or the peripheral data that your smart device can provide them”
And being cautious does not necessarily mean focusing only on the cloud. A person must consider the implications of older technology. Just think of all those flash drives people have lost over the years. Some might contain innocuous bits of data whilst others could provide a malicious user with a treasure trove of information that can be used to compromise a person.
Similarly, many business parks require visitors to provide their ID numbers or even licence cards before gaining entry. People have the right to know how this information is being used and how that business park will go about safeguarding it.
The popularity of FaceApp put the spotlight on the rights of the individuals and what companies can do with their data, in this instance their photographs. Many argued that this was a form of spyware that could store people’s personal photos on their servers until perpetuity. Cynics counter-argued that if a site like Facebook already has that information, what difference does it make if others have it as well?
“Irrespective, people should bear in mind that even if they are using trusted platforms like Apple, Android, and Microsoft, it does not mean that every app they are using is secure. The app stores simply cannot check all security aspects of any given app. In the case of FaceApp, if a person is unsure about the merits of sharing photographs then it is advisable to simply not install the app.”
Education, education, education
Simply put, users need to be better educated on how best to safeguard their data. From an organisational perspective, it can either go down the incentive route or one of penalties if people compromise sensitive information. It is important for employees to understand the there are serious repercussions for a company that does not comply with legislation.
“The importance of data availability throughout all this becomes essential. People expect companies to have data always available and accessible. This can take the form of products and services but also secure access to their own data (photos, documents, etc.). To this end, consumers must make three copies of their data, store two of those on different storage media, with one off-site (such as the cloud). This becomes essential to protect data in the always-on digital world of today.”