Following a number of high-profile security breaches trust in how businesses use and protect our data is at an all-time low. The Council Of Europe has recently published guidance for big data processors and controllers.
New Guidelines Published by Council of Europe
The Council of Europe has recently published Guidelines on Artificial Intelligence and Data Protection. This comes at a good time. Following a number of high-profile security breaches trust in how businesses use and protect our data is at an all-time low.
A Facebook security beach in July 2017 affected 50 million users who had their access tokens stolen. The breach wasn’t detected until two months later. Facebook declared the hack within 72 hours of discovery, promptly fixed the vulnerability and secured the accounts. The Irish Data Protection Office (Ireland employs 20% of Facebook’s employees) is currently investing Facebook’s threat detection process.
Ask yourself, what would be the business impact if you lose all your contacts? It has taken APMG over a decade to build social media followers of over 23,000, plus like many other businesses, we have databases containing millions of items of personal information. We spent several months last year running an internal project to ensure our customer data was GDPR complaint. In my last blog I discussed why GDPR will help all businesses.
If you are not running a business it is important to protect all personal data. For a social media influencer your net worth is not yourself, nor is it your content or the images you share. Your value is your data. Brands are looking to partner with influencers who have large number of followers they can cascade their brand message to. If that audience no longer exists your value is significantly reduced.
In a recent story, Australian lifestyle influencer Georgie Thomas reveals how hackers accessed her Instagram account and deleted her 15,000 followers when she refused to pay the ransom. Re-building her audience is going to take a long time.
Take control of the privacy settings on all your devices and accounts. There’s lots of advice on the Cyber Essentials website. Check your location data permissions. Only give apps and services the permissions they need to function.
The simple message is to not rely on suppliers to keep your data safe. Take action yourself. Simple measures such as ensuring you use strong passwords and different passwords for different activities can keep your data safe. The NCSC suggest you have and keep a very strong password and don’t change unless breeched
Passwords should be hard to guess and be random. Hackers could use the information you post on your social media channels to guess eg football teams, holidays, pets or family members.
Password Tips
- Don’t reuse passwords from other sites. If cyber-criminals crack one site they can try the same password on your other sites.
- Cyber criminals can use programmes which can run through the dictionary in seconds. They also have programmes which have inserted commonly used characters like Pa55word!
- Brute force cracking programs generally stop at 16 characters, though many websites ask for a password between 8 and 10 words
- Try and think of three totally random words you can easily remember or a phrase like 81FlyBanK
