As more and more of our lives are stored and spent online, it is hugely important that we understand how to protect our personal information from malicious elements, and that we know how any personal information shared to a third party will be handled.
Anyone who shares or stores information online could be the target of an attack. Therefore, we all need to think about how we are sharing and storing data online.
Your personal data is sensitive information, which could and can be anything from your name, address, email, telephone numbers, bank and credit card details, health information and much more.
One way that our data is protected is by the General Data Protection Regulation (GDPR). The GDPR is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union. However, this framework doesn’t necessarily stop the criminals out there who choose not to follow the law. Therefore, it is important that we are aware of the dangers that sharing our personal data online can bring.
What are the dangers of not your protecting data online?
One malicious element you may have heard of is hacking. The definition of a hacker is someone who uses computers to gain unauthorised access to data. This is a serious risk for people who share or store personal information online, as well as companies that hold sensitive data of their customers and employees.
But there are many other types of dangers out there which emphasise the importance of keeping your data safe online. These include:
• Viruses – These usually infect personal or company IT systems that are connected to the internet, via a downloaded file.
• Malware (malicious software) – Trojans and spyware may read your data and transmit it across the internet, or wipe it completely.
• Ransomware – Software that stops access to vital data and issues a ransom for its safe return. This data is then destroyed if payment is not made
• Phishing – This is an attempt to obtain sensitive information by disguising as a trustworthy sender/site. It could obtain links to a website that looks the same as the real site, asking you to fill out your personal details.
• Social engineering – The attacker uses some easily accessible information as a basis for a phishing attack. The attacker relies heavily on human interaction and often involves tricking people into breaking security procedures or sharing personal information that could be used to steal an identity.
As you can see, there is a range of dangers that you could be subject to if don’t protect your data. Therefore, it is vital that you actively protect your personal data online and that companies you share your data with have a strategy in place to ensure they protect the data they store.
So what can you do to keep safe online?
There is a range of actions that you can take to keep your personal data safe online, and these include the following:
• Be wary of emails from unknown sources and be sure to check email and website addresses carefully for any anomalies before inputting any personal information.
• Check emails for any strange requests. If you do notice anything that seems odd and you are not sure if it’s legitimate. Ring the company they are appearing to be and find out whether it is them or not.
• Spam emails, “free” offers and online quizzes are all examples of tactics to entice you to click on dangerous links or give up your personal information. Always be wary of offers that sound too good to be true. If they feel too good to be true, they probably are.
• If you have any doubt of the legitimacy of the email, do not click on any of the links. Instead, open a browser and type the web address of the website you want to visit. This will ensure that you visit the website you intended to.
• Be cautious about what you share online, particularly when it comes to your identity information, as it can potentially be used to impersonate you, or guess your passwords.
• Make passwords for your accounts hard to guess. Use a mixture of uppercase and lowercase letters, numbers and symbols. You could use a password manager which stores your login information for all the websites you use. Password managers encrypt your password database with a master password – the master password is the only one you have to remember. Be sure to make a difficult password that would be difficult to guess and don’t share it with other people.
• Use a Firewall. This blocks unauthorised access to your computers and devices.
• When shopping online, always make sure that the site’s address starts with “https”, instead of just “http”. This means that the website is secure and uses encryption so your data can’t be intercepted by others.
• Keep your software updated so that you have the latest security measures installed.
What we do at Shepherds Friendly Society to keep your data safe
At Shepherds Friendly, we have a security strategy in place to cover any potential risks with the data we store on our members and employees.
Marcus Williams, Information Systems Manager, said: “Keeping our member’s data safe is of the utmost importance to us.
“Internally, we carry out security audits to make sure we have all security risks covered. We do these regularly to ensure we are covering all bases.
“We encrypt all our data and ensure we keep up-to-date with regulations including GDPR requirements, and our member online log-in has a two-step authentication to ensure a member’s online account is completely secure and only they can access their account.
“We also carry out in-house training with all our staff so that they understand what types of risks there are which relate to personal data, and how to act accordingly in their day-to-day activity with these in mind. For example, we train our Member Services Team to do thorough identity checks over the phone, so they can confirm they are talking to the right person.
“However, Shepherds Friendly will never ask for any passwords via phone or email, and it is important that you don’t share passwords with anyone.”
Remember, always be cautious about what you do online, which websites you visit, and what you share. Keep in mind that companies would never ask for your password over the phone or via email once you have set it up. By taking preventative measures, you can save yourself from headaches later on.