Three Steps to Increase Employee Data Privacy 

Every day, your data is collected. Whether it’s on your laptop, smart phone, or even your fitness watch, your data is being stored and potentially sold. Thankfully, we do have some control over how our data is captured and shared. Data Privacy Week, promoted by the National Cybersecurity Alliance, is January 22nd – 28th, 2023. This week of awareness is a great opportunity to help educate even the most cyber-savvy of us on ways to better protect our personal and business information in an increasingly online world. 

What is Data Privacy 

Data privacy is simply online privacy, and what you choose to share when you’re online or using apps. Which for most of us, is all day every day. Whether your employees are scrolling through TikTok on personal devices or working with sensitive customer data on their work laptop, their data is at risk. This week is a great reminder to update your workforce on your current cybersecurity best practices and remind them how to protect their own online privacy. 

Why your Data is Valuable 

All your online activity, from the websites you visit to the social media apps you use, create a trail of data. For many businesses, collecting your personal information is highly valuable, so companies can learn your demographic and behaviors to target you with advertising (or sometimes more nefarious things, like selling your information to lists that will spam you). 

Users can usually control the amount of personal data shared through app settings or by choosing not to share information at all. Does the fun, new mobile game you want to download really need access to all your photos and contact list, for example? 

Data, both personal and related to your organization, is precious. Take some time this week to connect with your staff and remind them of some super easy ways they can protect both your business information and their personal data while they’re off the clock. 

Step One 

Empower employees to better identify phishing messages, which can be sent as emails or texts.  

Many requests are now coming via SMS message – also known as “smishing” – and junior employees who do not know their CEO or supervisor’s cell phone number may be susceptible to falling for these attempts. Implement the guideline for staff that if they receive a text message or email from someone within the company asking for a strange or urgent request, it is best to follow up with an email to a known good address to verify the request prior to taking any action. When in doubt, they should check with your security team first.  

Step Two 

Encourage staff to turn on multifactor authentication (MFA) when it’s available. 

Setting up MFA and using it to login to accounts may seem like a lot of extra steps, but it makes it very challenging for hackers to access your accounts, even if they know your password. Encourage employees to set up MFA on all their work-related accounts, and to consider it for personal accounts as well. 

Step Three 

Leave “password123” in 2003 where it belongs. Just kidding – it wasn’t okay then, either. Ask staff to create long, unique passwords for each account. 

Gone are the days of using your pet’s name or birthday for your password. The National Cybersecurity Alliance recommends passwords that are at least 12 characters long, unique to that account (that’s right, no re-using passwords), and a complex combination of capital and lower-case letters, numbers, and special symbols. Consider implementing a best practice in your organization that requires employees to update their passwords regularly for every account. 

Turning to Managed Detection and Response (MDR) for Ultimate Protection 

The steps above can greatly increase your employees’ data privacy, but your organization may still be susceptible to breaches without the proper technology and systems in place. After all, 23% of data breaches are caused by human error. (IBM)  

Our MDR services offer customers 24x7x365 monitoring, meaning we have your back while you’re sleeping or enjoying long weekends with family. We augment your existing staff, letting you focus on what matters most, while cutting through the noise to eliminate alert fatigue. Contact an expert today to learn how you can simplify breach prevention and keep your business thriving.


You may also be interested in…

Stay Connected on Today’s Cyber Threat Landscape

  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden

©2023 CRITICALSTART. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

CRITICALSTART®, MOBILESOC®, and ZTAP® are federally registered trademarks owned by Critical Start. Critical Start also claims trademark rights in the following: Zero Trust Analytics Platform™, and Trusted Behavior Registry™. Any unauthorized use is expressly prohibited.