Tips for protecting the privacy of your data
It’s always a good time to consider and check on privacy of your data – whether for yourself or for your business.
To help with this process of staying alert, US-CERT (US Computer Emergency Readiness Team) has put together some guidelines to help consumers and businesses learn more about how to protect their privacy and personal information.
If you think you could do more to protect your personal or business data, why not take action? There’s no better time to act than now.
Here are 10 highlights from US-CERT that may be helpful for you:1. Use and maintain anti-virus software and a firewall. Protect yourself against viruses and Trojan horses that may steal or modify the data on your computer by using anti-virus software and a firewall. 2. Regularly scan your computer for spyware. Spyware or adware hidden in software programs may affect the performance of your computer and give attackers access to your data. Use a legitimate anti-spyware program to scan your computer and remove these files. 3. Keep software up to date. Install software patches so that attackers cannot take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates; if this option is available, you should turn it on. 4. Evaluate your software’s settings. The default settings of most software enable all available functionality. However, attackers may be able to take advantage of this functionality to access your computer. It is especially important to check the settings for software that connects to the internet (browsers, email clients, etc.). Apply the highest level of security available that still gives you the functionality you need. 5. Avoid unused software programs. If you have programs on your computer that you do not use, consider uninstalling them. In addition to consuming system resources, these programs may contain vulnerabilities that, if not patched, may allow an attacker to access your computer. 6. Consider creating separate user accounts. If there are other people using your computer, most operating systems give you the option of creating a different user account for each user, and setting the amount of access and privileges for each account. You may also choose to have separate accounts for work and personal purposes. Ideally, you will have separate computers for work and personal use; this will offer a different type of protection. 7. Establish guidelines for computer use. If there are multiple people using your computer, especially children, make sure they understand how to use the computer and internet safely. Setting boundaries and guidelines will help to protect your data. 8. Use passwords and encrypt sensitive files. Passwords and other security features add layers of protection if used appropriately. By encrypting files, you ensure that unauthorized people can’t view data even if they can access it. You may also want to consider options for full disk encryption, which prevents a thief from even starting your laptop without a passphrase. When you use encryption, it is important to remember your passwords and passphrases; if you forget or lose them, you may lose your data. 9. Follow corporate policies for handling and storing work-related information. If you use your computer for work-related purposes, make sure to follow any corporate policies for handling and storing the information. These policies were likely established to protect proprietary information and customer data, as well as to protect you and the company from liability. Even if it is not explicitly stated in your corporate policy, you should avoid allowing other people, including family members, to use a computer that contains corporate data. 10. Dispose of sensitive information properly. Simply deleting a file does not completely erase it. To ensure that an attacker cannot access these files, make sure that you adequately erase sensitive files.
You can review even more security tips at US-CERT’s site for ways to protect yourself and your data. Also, check out these resources on privacy, avoiding social engineering and phishing attacks, an preventing an responding to identity theft.