Data Privacy Week 2022: What Is Your Convenience Worth?

48 replies

Userlevel 1

Thanks that was an interesting read. Definitely right about why does that website need access to my microphone, I’ve had several websites that have tried doing that and I never clicked yes. To think they’re trying to listen to me breathe, creepy…

On another note, having incredibly long passwords is good and will make it super hard to brute-force, however some users most likely will use the same long password with a potentially different word somewhere in it, maybe they put the website name in? If that password was stolen, then the thieves will only need to guess on other websites. I suppose I’m trying to say that the user would make the password easy to guess, unless trained to not make it easy.

Obviously, a password manager would solve that, but the user may need one that is online or syncs between devices so it’s another cost of convenience on their end if they forget the master password or are not using a device with the password manager, which may cause them to use a much simpler master password.

The advice you gave was still very good and I’ll probably use it. Excuse my rambling on the subject above.

Userlevel 7
Badge +8

My views on GDPR are that they force companies to put good processes in place for data and be honest when there is a breach.

Userlevel 3

Great article. Thanks.

Userlevel 1

Very well written article. The age old debate of Privacy over convenience has been and will always be a major talking point.
But sadly too few people are really taking this stuff seriously until they get nailed by it. We here in South Africa have a piece of legislation similar to GDPR called POPIA (Protection of Personal Information Act). I personally think it won’t help as it’s too similar to GDPR, plus the regulator here had its teeth removed, so to speak.

My tips: they might be painful to follow, but they can help save your data in the long term.

  1. Use a Password Manager to randomize your password, just not one of the cloud-hosted ones; stay local.
  2. Enable MFA on all your accounts
  3. Clear Browser regularly.

Userlevel 4
Badge +8

Good Article and reminder to be diligent! Human nature is to always look for the easiest way out and what is most comfortable and convenient. I like the idea of freezing your credit, even if you haven’t been compromised. The only problem is that in Australia it looks like you can only freeze your credit for 21 days, and then you can get an extension 😔.

Security I like putting in place for myself and my customers:

  • A Password Manager such as MYKI which is peer-to-peer and does not store any passwords in the cloud.
  • Absolute must to NOT re-use passwords for any accounts!
  • Enable MFA or 2FA on all accounts that support it and avoid using SMS as 2FA where possible due to SIM swap attacks.
  • DNS protection. I love Webroot DNSP, wouldn’t want to be without it for myself, family or my customers!!! Just that extra layer to avoid SCAM websites that try to steal your identity!
  • I probably should apologise for saying this, but I ABSOLUTELY HATE SOCIAL MEDIA! It’s a hacker’s haven for gathering enough info to be used against you at some point in time in the future. People forget what they say on social media and you just need an AI tool to build a very detailed and powerful profile on someone that can be used against them at some point in time. Just my humble opinion!

Userlevel 4
Badge +1

I followed many courses a few years ago when the GDPR was introduced in Europe. Due to the GDPR, our company has changed the ways in which we provided our services in the past. It is a fact that personal data and especially particular data, in the past called "sensitive data", are very important information for people and especially in the professional sphere. The GDPR was born with the desire to allow people to ask for their data to be forgotten and establishes that personal data is owned solely and exclusively by people. In the United States, for example, your data can be used by the "companies" that collect it, in some Asian countries it even becomes the property of government institutions. Having said that, it is certainly not the GDPR that can safeguard our data from cyber attacks. One of the rules of our company is to carry out in-depth assessments within companies to understand where the vulnerabilities are and correct them. The fact remains that breaches are usually created by users and therefore what we continue to do is training users on cyber-security. The priority for our company is training.

Userlevel 3

Great informative article, 10/10!

Userlevel 3
Badge

Convenience is always at odds with security, it seems. 

My main point of attack when this comes up is to advise clients, usually with a suitable example, of where the cost of a cleanup was far greater than the additional security that could have prevented a breach. 

I find if you can outline likely breaches (and most people will have heard of examples in their network) and the likely downtime and fallout then security becomes a more valued conversation. 

Userlevel 4

Very well articulated. The most impactful point is that nothing is actually free. To get something free, we usually end up selling ourselves (our data) in an ignorant Faustian bargain.

Userlevel 7
Badge +19

@TylerM ,

That’s a really interesting take! I’m curious if there are any stats available on GDPR effectiveness. I do know that it has definitely added a layer of leverage that ransomware operators can hold over their victims. I wonder whether it’s been a net benefit at all or if it’s mostly been a bad piece of legislation!

Userlevel 7
Badge +63

We have to be more aware of these situations like Phishing sites, Scam Emails and Scam Texts and to train ones we know and that’s including our families! Having a good AV like Webroot protects us in many ways like the Web Shield and the Identity Shield but we can never let our guard down.

Userlevel 6
Badge +5

Considering privacy vs convenience really strikes a chord with me. So many of our clients put convenience first and it takes a lot of conversation to get them to realize the real importance of privacy. One thing is for certain, once they experience a breach they are on board with every recommendation previously made and they want it done yesterday. It’s an individual thing, some people by nature choose to see things in a positive light because the reality is often an uncomfortable conversation.

Great article about data privacy

Userlevel 4
Badge +1

A good description of the problem along with helpful guidance to avoid becoming the next victim.  If something looks too good to be true then it is potentially problematic.  Similarly, if something seeks too much information about you then question the motives and review the intent to potentially bring harm to you.

The continuing education is appreciated by all and keep up the great work!

Thanks,

Ari

Userlevel 5
Badge

Thanks for great written.

Userlevel 4

Very good story. My tips for the day.

Keep your main email account safe with MFA. Reset your browser on a regular basis.

Userlevel 3

Well written article, that gives a lot to think about!

Userlevel 6
Badge +7

In smaller organisations, it’s far easier to explain and promote the real understanding of what data privacy is all about. I always take the time to explain that using their work email to sign up to online forums, polls and the like should be avoided and for them to use a Gmail or Hotmail account, heck even a protonmail account so that they can keep things away from the business as best they can.
The larger organisations, the staff usually don’t care, and these are the ones you usually deal with pretty quickly in their (usually) limited time with said companies. Sorry, but your end users have to be made to understand that nothing can protect them 100% online and that common sense and the buck landing at their own feet, and NOT the IT people when they screw up, should be enforced more heavily in larger organisations. The IT people being blamed for ineptitude is long gone!

Userlevel 7
Badge +4

Data Privacy is always important, for all staff of all organizations to understand. The global pandemic has made things even worse where a lot of people work remotely, this in return had phishing attacks increase dramatically. Not many customers and organizations want to really hear about data privacy or GDPR (well should they decide to actually do something some time soon in the near future other than just being another buzz word out there). The sad reality as always, is it only starts to matter WHEN they are affected. Thus we as professionals always have to strive our best to stay current, and up to date with the latest trends and fashions in the industry, to be mature enough to do our duties as best as humanly possible to try to protect our customers and avoid issues, and to raise the awareness of this as well as the importance of this at all possible opportunities we can get. MFA…. MFA…. MFA…. MFA…. crucial to start with and have implemented across the board.

Userlevel 3

I would like to start off with how great this article is with actually making people aware of the concerns about security.

I don’t think anyone can be 100% safe online as using the online automatically exposes the user to threat from all different angles.

All companies are exposed in various methods and personally I think all of these big words from security companies give people a false sense of protection as all diligence is gone out of the window when people say they’re protected.

Thank you for this article, this has given me some things to go over with the team.

Userlevel 1

Well written article. Opens your eyes as to how important Data Privacy is.

Well written article.

Userlevel 6
Badge +5

I have my doubts about the effectiveness of GDPR but it than that very well thought it and will written sucks. The advice about 2FA is sorry on. 
