By 2020, more than 30.7 billion devices will be connected to the Internet. On one hand, that gives people access to information all over the world as well as an opportunity to electronize the processes and let the workflow be more efficient. On the other hand, there is a big risk of identity theft, fraud, stalking, bullying or hacking. So what can we do about that?
“By three methods we may learn wisdom: First, by reflection, which is noblest; second, by imitation, which is easiest; and third by experience, which is the bitterest.”
― Confucius
Let’s stick with the first and second one to avoid the third. Respecting Privacy, Safeguarding Data and Enabling Trust is the theme for Data Privacy Day (DPD), an international effort held annually on January 28 to create awareness about the importance of privacy and protecting personal information. Many organizations try to rise the awereness about the importance of data protection in case of individuals as well as institutions. One of them is The National Cyber Security Alliance (NCSA). To promote a safer, more secure and more trusted Internet, NCSA recommends to follow these advices:
- If you collect it, protect it. Follow reasonable security measures to protect individuals’ personal information from inappropriate and unauthorized access.
- Be open and honest about how you collect, use and share personal information. Clearly communicate your privacy practices and any tools you offer consumers to manage their data.
- Don’t count on your privacy notice as your only tool to educate consumers about your data practices. Communicate clearly and often to the public about what privacy means to your organization and the steps you take to achieve and maintain privacy and security.
- Create a culture of privacy in your organization. Educate employees about their role in privacy, security and respecting and protecting the personal information of colleagues and customers.
- Conduct due diligence and maintain oversight of partners and vendors. You are also responsible for how they use and collect personal information.
So what do you think? Did NCSA cover everything that needs to be done to avoid data or identity theft? And how about the attitude towards the data security in the company you work for?