Data Privacy Day, January 28th, is an annual international event encouraging and promoting privacy and data protection best practices.
We have all heard and had the lectures (or perhaps watched the below bit by Michael MacIntyre) about how to strengthen our passwords to prevent hacking of our personal data. Which is what first comes to mind when we think about data protection.
But there is a difference between data security and data privacy. Data security relates to the measures we put in place to protect the information stored and shared for websites, accounts, credentials, or any type of personal or business information that we need to secure.
Data privacy is more focused on how that information is collected, used, and distributed.
Despite the jokes and hilarity of some of the examples we’ll show you, both play an incredibly important part of our every day lives in this digital era.
The reality is that your personal (or work-related) data is a digital record that puts you at serious risk of theft, identity theft, exposure to espionage, and can lead to physical threats as well.
1. The “were you even thinking?” personal information leaks on social media
Like the below where an individual posted the drivers license he used to cut lines of cocaine.
2. The “I’m so excited I can’t see straight!” badge leak on social media
This is an all-too-common one, whether it’s a security clearance for a major event *cough* Superbowl *cough* or do you remember when that kid photoshopped a badge to access the McGregor – Mayweather UFC Fight and got backstage, even walked on with Conor McGregor?
3. The “I love my job!” unintentional, but unfortunate, data leak on social media
This one is a heart breaker, some examples include:
- Selfie with a computer screen of sensitive information
- Desk picture featuring passwords/access codes (like that one time… at an airport)
- Or the new job posting with their fresh new badge
4. The “employee turned insider” intentional data leak on the deep and dark web
An unfortunate reality, but one that puts all companies at risk and weighs on the shoulders of many security professionals. When employees become disgruntled and reckless some may take sensitive executive information, product IP, or other confidential data and share it on boards/forums or even sell it on the dark web.
5. The “corporate whoopsie” every employee behind the device wishes they could turn back time to undo
A simple google search will uncover some really unfortunate mistakes — whether it is customer service reps responding online too quickly (i.e., not thinking the most critically) or mistaken links to internal documents (or worse, illicit images/urls).
The below demonstrates the critical importance of private vs. group messages… or even tweets.
So on this international Data Privacy Day, consider the role you can play in your own data privacy and security. And most of all, heed the lessons learned shared by the many who have fallen victim to these unfortunate data leaks!
Read about what the SEC considers the most significant threats to information protection here.