Holidays have always been working days for bad elements. These are times when people leave their homes to go on vacation or visit other relatives and friends. The National Privacy Commission (NPC) notes that personal data breaches have been known to happen during holidays because, usually, only a skeleton force stays on company premises. Locally, remember the 2016 personal data breach that occurred at the Commission on Elections, now termed Comeleak. Also remember the Bangladesh bank heist? The one that involved a local commercial bank? That also happened over a holiday.
The NPC has issued security reminders for both individuals and Data Protection Officers assigned to protect critical personal information.
For Data Protection Officers:
- Place non-mission critical systems offline especially those that contain or have access to personal data.
- For systems that are kept offline, ensure that all system activities are recorded and the aforementioned logs are secure.
- Password protect or encrypt files and databases on servers, desktop computers and other devices.
- Conduct a backup of systems and databases.
- Information Security team needs to retain the ability to remotely monitor systems and be ready respond to any unusual activity.
- Discourage physical breaches by securing office premises adequately.
For Individuals (statements in italics are direct quotes from NPC Commissioner Mon Liboro):
1. Double-check if your laptop or mobile phone has been updated with the latest security patches.
“Being on the road or away from your home network would mean that data connectivity would be slow and quota is very limited, and so you won’t be able to do this reliably”
2. Make sure your personal and work data are backed up securely.
“Personal records and files that contain personal data, like passports, health records, bills or tax returns should be kept secure, and if they are no longer relevant, it’s a good idea to destroy them by shredding them or burning them”
3. Turn off your home network router if nobody is going to be left at home.
“Powered-off devices, not just home appliances, will not only save you money from unnecessary electricity consumption, but also deny criminal(s) an avenue to attack your home remotely.”
4. Be aware of phishing scams and fake websites.
“Users need to be vigilant of emails and fake websites that aim to extract log-in credentials from unwary users. There has been an increase in these and users need to be cautious in accessing their accounts from their own devices and most especially from shared devices”
5. Do not connect to Wi-Fi Networks you do not know.
“Just because a Wi-Fi network announces itself to having free internet it doesn’t mean you should connect to it, only connect to official and trusted wireless networks of hotels and resorts.”
Can you think of any more security reminders for holiday seekers? Do share via the comments below.
Happy and safe holidays to all!
Photo image courtesy of Blogtrepreneur (blogtrepreneur.com/tech)