We should all hope that 2014 is going to be a more secure year for our data. It seems that every day brings fresh news that our data has been compromised in one way or another. The chief culprits appear to be government departments, banks and hospitals which are being forced to own up to data breaches. The fines being levied by the Office of the Information Commissioner are higher if the organisation is caught out rather than owning up to a breach.
In addition to lost data disks, there are paper records discarded in public dustbins and lost laptops by the boat-load. Security which was trumpeted by ministers as being paramount seems to have been very low on their priority list in their own domains. It is also lamentable that there has been a deliberate policy of hiding the facts from those people most at risk.
We must be vigilant as these data breaches might not affect us until some date in the future. Criminals will wait until the furore has died down before using the data illegally.
Let us make sure that 2014 is a year of increased data security, here are a few precautions that can help to reduce the possibility of data loss:
- Always shred or burn confidential documents or documents having identifiable data;
- Very confidential documents should be cross shredded rather than strip shredded;
- Never give passwords or log on information to email enquiries, telephone callers or visitors;
- HMRC will never refund overpayments of tax to your credit card; It is a scam.
- Be wary of emails directing you to a bank or other secure site which asks for personal information;
- Never give passwords or pin numbers to anyone calling on the telephone even if they identify themselves as police or bank officials;
- Do be aware that information put into social sites such as Facebook may be visible to people other than the intended audience. Dates of birth, names and addresses, telephone numbers and details of family can be used to steal identities.
- Never dispose of old computers/laptops or tablets until the hard drives have been removed or destroyed; remember deleting or re-formatting the disk does not actually delete the data;
- Never leave confidential documents on desks overnight or when unattended (clear desk policies);
- Laptops should be secured with a multi-strand cable to an immovable object like a radiator, when unattended;
- Laptops should be password protected;
- Laptops and tablets should kept close to you in public places to prevent theft;
- Laptop disks should be encrypted, if data is sensitive;
- Never share passwords and use complex passwords to prevent other gaining access to desktops and laptops;
- When considering a complex password use a £ as this is not available on non UK keyboards;
- Never leave desktops and laptops logged in and unattended;
The list goes on and on but use common sense – assume that the worst may happen and take precautions to stop or at least reduce it.
Let us all have a happy and safe 2014
Consultancy, Quality Matters Limited.