Data Privacy Day


January 28th is National Data Privacy Day!

Data Privacy Day is an international campaign held annually on January 28 to spread awareness about the importance of "Respecting Privacy, Safeguarding Data, and Establishing Trust" on the internet. Efforts like this are more important than ever, as data breaches involving the theft, mishandling, or unauthorized access of personal, medical, and financial information continue to increase and impact tens of millions of Americans every year. According to the Identity Theft Resource Center, there were 1,093 data breaches reported in 2016, compromising at least 36,601,939 records (excluding the Yahoo breaches involving over 1.5 billion accounts). Although the number of records compromised dropped from a high of 177 million in 2015, the number of breach incidents increased 40% year over year to reach an all-time high. This demonstrates that despite widespread efforts across the public and private sectors to increase awareness of cybersecurity risk and improve defenses, more needs to be done to raise the bar and make it more difficult and costly for bad actors to succeed. Here are some actions that everyone can take to improve online security and protect data privacy:

For Individuals:

  • Conduct an audit of all online accounts that contain personal information; delete any that are no longer necessary
  • Enable two-factor authentication (2FA) on all online accounts and mobile apps that offer it
  • If your social media contains personal information and photos, restrict settings to avoid public posts
  • Secure your home WiFi by requiring a strong password to access the network
  • Change default admin passwords on connected devices such as cameras, thermostats, and appliances
  • Never respond to unsolicited emails or phone calls requesting your personal, medical, or financial information
  • Enable full disk encryption on personal computers, if available
  • Never make purchases or enter sensitive information on websites that do not display 'HTTPS' in the address

For Businesses:

  • Collect the minimum amount of sensitive personally identifiable information (PII) and retain for only as long as necessary
  • Conduct an audit of all systems for sensitive PII; delete any for which there is no reason to retain
  • Implement policies and train employees on the proper methods to safeguard data
  • Embrace the principle of least privilege and the separation of duties
  • Encrypt sensitive data in transit and at rest
  • Require multi-factor authentication for remote access into the corporate network and privileged access to systems
  • Ensure all software and hardware is maintained at vendor supported patch levels
  • Segregate networks containing systems that process or store sensitive data from other corporate networks
  • Implement protective technologies including web and email filtering, endpoint protection, and application whitelisting

The National Cyber Security Alliance (NCSA)—the same organization responsible for National Cyber Security Awareness Month—leads Data Privacy Day and other year-round efforts to educate consumers as part of the global STOP. THINK. CONNECT. campaign. NCSA is a nonprofit, public-private partnership dedicated to promoting a safer, more secure and more trusted internet. To get involved and show your support on Saturday: 

Follow NCSA on Facebook /DataPrivacyNCSA, Twitter @DataPrivacyDay and Instagram@PrivacyAware