Five tips for more data protection in everyday life

European Data Protection Day on January 28 has been reminding us of the importance of data protection since 1981. Chester Wisniewski from Sophos uses the occasion to make an appeal: «Data Protection Day should remind us how important encryption is for protecting our data from unwanted espionage and data breaches.» Since the NSA revelations by Edward Snowden almost 13 years ago, the fight for end-to-end encryption has continued, most recently in the dispute over chat control.

Backdoors and excessive access rights are problematic. Numerous American technology companies have been deceived by cyber criminals such as LAPSUS$ and Scattered Spider by posing as law enforcement agencies in order to gain supposedly «legitimate access» to personal data. Encryption makes it possible to share exactly what you want to share with whom and when. If the user is in control, they can share data securely and with their consent.

Select suitable passwords

The Sophos expert first recommends replacing old passwords with new ones, preferably with two-factor authentication (2FA). As there are usually numerous accounts, each with their own passwords, a password manager is a good support for creating and managing all access data. These also protect against fake websites, as they recognize them and do not reveal a password in case of doubt. The 2FA causes hardly any trouble, but is a bigger hurdle for fraudsters.

Check data protection settings

With most operating systems, apps and online accounts, users can decide for themselves how much they want to disclose. Should every app on your smartphone know your current location? Do you want to stay logged into your favorite online account for the sake of convenience? Does the app have permission to publish posts in the user's name on their social media? As there is no overarching settings function for all applications, the only option is to check each account and decide individually what to allow or not.

Do not share anything without permission

This rule should apply to every user of social media: Before posting a photo with other people in it, first ask whether it is okay to do so. The information on it could not only influence relationships with family members and employers, but could also inadvertently reveal things like your place of residence, birthday and vacations to cyber criminals, who could use them against you - now or a long time later.

Special care at work

This rule is even stricter at business level: Passing on company data, whether internally, from customers or suppliers, could not only be of great interest to cyber criminals, but could also have legal consequences for the company and your own workplace.

Know your own limits

What is my own data worth to me? With this individual attitude, every request for personal information can be clearly decided. Cost savings, information, convenience, but also contractual or legal safeguards sometimes require more, sometimes less data. It is up to the user to ask and, if in doubt, to say no.

January 28 commemorates the European Data Protection Convention of 1981, the first legally binding intergovernmental data protection agreement and international tool for the protection of personal data.

Source: Sophos