I’m a bit late in posting this but I received some important tips from the National Privacy Commission (NPC) on how to be safe online. They cover online security for the Holy Week but are also relevant for all other long holidays.
For Business and Government Agencies
In an advisory sent by the NPC to all government data protection officers (DPOs), NPC enjoined the DPOs to “ensure the security of personal data in their respective agencies’ care during the long weekend of Holy Week 2017 (13 to 16 April 2017).
- Place non-mission critical systems offline especially those that contain or have access to personal data.
- For systems that are kept offline, ensure that all system activities are recorded and the logs are secure.
- Password-protect or encrypt files and databases on servers, desktop computers and other devices.
- Conduct a backup of systems and databases.
- The Information Security team needs to retain the ability to remotely monitor systems and be ready to respond to any unusual activity.
- Discourage physical breaches by securing office premises adequately.
DPOs, go through NPC’s suggestions above. Is your organization covered?
Long holidays are usually the time when criminal elements take advantage of people being away from their homes and unable to check their financial transactions right away. History has shown, as in the case of the Bangladesh Central Bank incident and the COMELEAK data breach in 2016, that criminals prefer to strike during extended holidays.
- Double-check if your laptop or mobile phone has been updated to include the latest security patches. Update to the latest OS or app versions before leaving home. Data connectivity on the road could be spotty.
- Make sure your personal and work data are backed up securely.
- Turn off your home network router if nobody is going to be left at home. You not only save money from unnecessary electricity consumption but you also deny criminals the chance to hack into your home network remotely.
- Be aware of phishing scams and fake websites. Many of these schemes are meant to extract log-in credentials from you. When in doubt, do not click on the link inside the email. Instead, type the URL of the bank directly. When accessing your bank accounts while away on a trip, use your own internet connection and not a public wifi network.
That said, we in Blog Watch wish you all a blessed and safe Holy Week wherever that may be.