Unshakeable Salt

Data Privacy Day aims to inspire dialogue and empower individuals and companies to take action. Millions of people are unaware of and uninformed about how their personal information is being used, collected or shared in our digital society.

We ask that everyone takes a few minutes today to consider privacy. Take a retrospective look at some configuration you disabled to make a webpage work. Use Data Privacy Day to have a look through your password manager. See if any of your previously used passwords have been breached. Better still, delete some of those accounts that you never use anymore.

In the work place we all know about the GDPR. As that approaches its second birthday (here come the terrible twos), a lot of us will be undergoing our annual ‘mandatory’ training. This is great as it keeps it fresh in our minds, but it does seem to get stuck in a work place context.

Whilst attending BSides Leeds last week, it was refreshing to hear about efforts to ensure security reaches the home. Like the link above for BSides, we don’t always practice what we preach once we pass the office door. How many people follow through to the BSides website – even though it supplies a certificate warning error when you visit ?

Data Privacy Day

Realistically a day is never enough. The consideration of privacy needs to become second nature. Try to incorporate good security hygiene into your daily routines.

  • Always Stay ‘Up-to-Date’
    Don’t skip security updates. Know your operating systems, applications and patch all your devices.
  • Block unnecessary web content
    Use a reputable advert and content blocker in all your web browsers, and avoid ad-supported apps on mobile devices.
  • Know your software sources
    Don’t disable Gatekeeper on Macs or similar features on other operating systems. Be very cautious about installing insecurely-delivered software and only use official ‘App Stores”
  • Always use a trusted VPN on untrusted networks
    Use a VPN whenever you’re on a network you don’t control. 30% of consumer VPN’s are untrustworthy. Research those you can trust.
  • Implement Full-Disk Encryption
    Use FileVault 2 on macOS, BitLocker or VeraCrypt on Windows, or built-in FDE options on Linux-based systems.
  • Password Managers
    Use a password manager like 1Password and replace all your insecure passwords with random strings. Enable Multifactor authentication where ever you can.
  • Stay Alert
    Follow security people on social media. Understand and advocate for security issues. Know who to contact when things aren’t quite right. Blatent Plug – Unshakeable Salt !!!

Additional reading:

Next Post