Data Privacy


Data breaches involving the theft, mishandling, or unauthorized access of personal, medical, and financial information continue to increase and impact tens of millions of Americans every year. This demonstrates that despite widespread efforts across the public and private sectors to increase awareness of cybersecurity risk and improve defenses, more needs to be done to raise the bar and make it more difficult and costly for bad actors to succeed. Here are some actions that everyone can take to improve online security and protect data privacy:

For Individuals:

  • Conduct an audit of all online accounts that contain personal information; delete any that are no longer necessary

  • Enable two-factor authentication (2FA) on all online accounts and mobile apps that offer it

  • If your social media contains personal information and photos, restrict settings to avoid public posts

  • Secure your home WiFi by requiring a strong password to access the network

  • Change default admin passwords on connected devices such as cameras, thermostats, and appliances

  • Never respond to unsolicited emails or phone calls requesting your personal, medical, or financial information

  • Enable full disk encryption on personal computers, if available

  • Never make purchases or enter sensitive information on websites that do not display 'HTTPS' in the address

For Businesses:

  • Collect the minimum amount of sensitive personally identifiable information (PII) and retain for only as long as necessary

  • Conduct an audit of all systems for sensitive PII; delete any for which there is no reason to retain

  • Implement policies and train employees on the proper methods to safeguard data

  • Embrace the principle of least privilege and the separation of duties

  • Encrypt sensitive data in transit and at rest

  • Require multi-factor authentication for remote access into the corporate network and privileged access to systems

  • Ensure all software and hardware is maintained at vendor supported patch levels

  • Segregate networks containing systems that process or store sensitive data from other corporate networks

  • Implement protective technologies including web and email filtering, endpoint protection, and application whitelisting

The National Cyber Security Alliance (NCSA)—the same organization responsible for National Cyber Security Awareness Month—leads Data Privacy Day and other year-round efforts to educate consumers as part of the global STOP. THINK. CONNECT. campaign. NCSA is a nonprofit, public-private partnership dedicated to promoting a safer, more secure and more trusted internet.

Additional NJCCIC Resources

Best Practices: Learn all about cybersecurity best practices on email security, passwords and multi-factor authentication, exploring the internet, and device security.

Be Sure to Secure: Discover information on various cybersecurity topics as well as instructional guides designed to teach you how to properly secure devices, data, and networks.

Threat Analysis: Catch up on the latest cyber threats!