With organizations collecting and storing massive amounts of personal data these days, much of which people share freely, we need to become better at protecting data on both the storing and sharing side of things.
Organizations must have strong data protection measures in place and everyone should start being more digitally mindful when sharing their own personal data. Ultimately, being careful of what we put out there is the best way to reduce cyberattacks and data breaches.
For organizations, data privacy is a continuous process, not a once-a-year tick-box exercise. Reducing human risk and minimizing data collection are important strategies for data security. For individuals, it’s time to kick-start digital mindfulness. Privacy is not about hiding; it’s about controlling your data. Taking small, consistent steps can beat one big privacy overhaul.
KnowBe4’s CISO advisors provide practical advice to both organizations and individuals to take control of their data this Data Privacy Week.
Advice to organizations
- Practice Data Minimisation: Audit your confidential data annually and delete what you no longer need. The best protected data is the data you don't keep. Only collect and store information that is absolutely necessary for operations, as less data means reduced liability.
- Know Your Data Flow: Understand what personal data you collect, why, where it flows, who can access it, and when it is deleted. If you must retain data for future use, anonymize it.
- Invest in Your Team: Reduce human risk with practical training to help employees recognize social engineering tactics, phishing attempts, and emerging threats.
- Be Transparent and Compliant: Clearly communicate your privacy policies to customers regarding what data you collect, how it's used, and with whom it's shared. Review your organization's adherence to relevant privacy regulations (e.g., GDPR, CCPA).
- Fortify Defenses: Ensure all data is encrypted, both in transit and at rest, as a critical last line of defense. Additionally, test and update your data breach response plan regularly.
Advice to individuals
- Stop and Ask Before You Share: Before you hand over your data to an app or website, stop and ask yourself:
  - Do they really need this?
  - What happens if this information gets leaked?
- Secure Your Accounts: Set up a password manager to create and store strong, unique passwords for every account. Enable Multi-Factor Authentication (MFA) on all critical accounts, including email, banking, and social media.
- Spring Clean Your Digital Life: Start by deleting unused accounts and apps, reviewing subscriptions, and revoking unnecessary permissions. Tighten privacy settings on social media and opt out of unnecessary tracking and marketing.
- Limit Your Exposure: Realize that whatever you give, send, or type in could be stolen and be out in the world forever. Only provide required information on forms, and whenever possible, don't provide more than you need to.
- Check Your Digital Footprint: Periodically use a search engine to look for information about yourself, so you can limit how much potentially private or personal information is available in the public space. Consider using browser extensions or privacy-focused browsers that block online trackers.
Data Privacy Week serves as a critical reminder that a proactive and vigilant approach to data protection is the most effective defense. KnowBe4 encourages everyone, from the C-suite to employees, to transform data privacy from a regulatory burden into a core pillar of operational and personal security.
