November 07, 2017

Information Security Best Practices: 20 Ways to Protect Your Privacy Online


According to the Department for Digital, Culture, Media and Sport, research has shown that “more than 80% of people feel that they do not have complete control over their data online”.

That’s not a surprising statistic considering the growing use of, and reliance on, technology and digital information in the workplace and home.

Unfortunately, cyber threats and data breaches are increasing too. According to the Ponemon Institute’s 2017 Cost of Data Breach Study: Global Overview, the odds of experiencing a data breach are now as high as 1 in 4.

Here are 20 ways organisations and individuals can improve online privacy:
  1. Stay up-to-date with privacy laws. One of the newest is the General Data Protection Regulation (GDPR), which strengthens data protection for citizens who live in EU countries and applies to organisations around the world.
  2. Set a screen password or PIN for every mobile device. Any lost device without a screen lock is unprotected.
  3. Don’t use easy-to-guess PINs or passwords. Strong passwords avoid patterns and are long. A password manager can help.
  4. Securely shred all paper documents that contain confidential information. Implement a Shred-it all Policy in the workplace.
  5. Install anti-virus and anti-spyware software, and a firewall on all hard drives.
  6. Keep software up-to-date. In general, most software will keep itself updated. Be sure to turn on auto-updates.
  7. When setting up an internet-enabled device, use a unique username and password, not the default. This protects the device from hackers who break into Wi-Fi-connected devices.
  8. Don’t share files or confidential data on public Wi-Fi.
  9. In public places, use a virtual private network (VPN) so traffic is routed through a single secure remote server.
  10. Encrypt data on all mobile devices including USB drives. This will make the data unreadable by anyone who doesn’t have permission to access it.
  11. Don’t post confidential information on social media. Use the privacy settings to hide personal information such as birthday, home town, etc.
  12. Websites can identify your whereabouts from your mobile phone. Unless you need the GPS tracking function, turn it off.
  13. Use two-factor authentication to help keep strangers from accessing accounts. Even if your password is stolen, a second verification step will be required.
  14. Unless you’ve initiated contact or know who you are dealing with, don’t give out personal information on the phone, through the mail, or over the Internet.
  15. Don’t open files, click on links, or download programs sent by strangers. It may be a phishing scam and can expose your system to a computer virus or spyware.
  16. Going on holiday? Turn off a home router unless you need it to access smart devices such as the thermostat or a security camera.
  17. Don’t use the automatic login feature on computers that saves user name and password. Always log off when finished.
  18. If you don’t see or understand a website’s privacy policy, consider doing business elsewhere.
  19. If possible, keep wireless settings turned off on wearable devices such as fitness watches, until you choose to upload data to your phone.
  20. Data on a hard drive cannot be permanently deleted or removed. Physically destroy hard drives when they are no longer needed.

Start Protecting Your Business

To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and data security survey.