Celebrating Birthdays every year is a trend. Similarly, every year since 2006, 28th January is observed as Data Privacy Day. During pandemics, organizations need to be more mindful about safeguarding important information.
Working in this increasingly digital world, nobody bothers to check data privacy until any personal data has been compromised. Various factors like remote working or hybrid working have increased reliance on digital technologies to manage everyday activities.
Data Privacy Day is part of ‘STOP. THINK. CONNECT.’ campaign, a global online safety, security, and privacy act initiated by the National Cyber Security Alliance (NCSA).
On this Data Privacy Day 2022, we bring you a compilation of a few industry experts’ tips for protecting sensitive corporate data.
Tips from expert’s
Experts from Veeam, a leader in backup, recovery, and data management solutions that deliver Modern Data Protection, has given the following statements –
Rick Vanover, Senior Director, Product Strategy: “Today, privacy matters. Data Privacy continues to be more important than ever. From an awareness standpoint, Data Privacy doesn’t get the attention it needs. I see IT organizations constantly manage large amounts of data that really doesn’t matter any longer. ROT – Redundant, Obsolete or Trivial – Data should be moved out of its storage lifecycle. My practical advice on Data Privacy day is to assess what data is where and identify what needs to be removed. If it doesn’t need to be removed, then determine if selected data should be moved to a correct tier or policy. From a privacy perspective, where it exists is an important first step of the process.”
Dave Russell, VP of Enterprise Strategy: “Today data privacy is at greater risk than ever before. There are concerns over accidental data leakage, which is not malicious, but still represents on opportunity for exposure. Increasingly cyber threats and ransomware no longer target data for bad actors to encrypt until a ransom is paid, but now data exfiltration and purposeful data leakage can be a component of the cyberattack. Even small pieces of data can be important, and now many pieces of data can be combined to represent an even larger privacy risk. This means that data security, frequent reviews of what data is truly required to be retained, and data availability are all needed to ensure that corporate and personal data remains safe.”
Experts from HYCU (Hybrid Cloud Up Time), a global leader in multi-cloud backup as a service, commented –
Simon Taylor, CEO: “The issues around data privacy have never been more at the center of the industry conversation than they are now. Data Privacy Day serves as a healthy reminder to us all that not only should we do everything that we can to safeguard our personal and corporate data, but that it’s a time to revisit best practices to backup, manage and protect our data, no matter where it resides. If the escalation of ransomware attacks over the past eighteen months has taught us anything, it’s that you can never be too vigilant. That is why we, along with other industry pioneers like Boston College, FireEye Mandiant, SADA and Carahsoft, created the public service R-Score, designed to help companies assess their readiness to recover in the inevitable event of a ransomware attack. As the market continues to adopt SaaS-based services and technologies from on-premises to public clouds, data privacy is a reminder to us all that it’s a shared responsibility.”
Justin Endres, SVP of Worldwide Sales: “It’s no secret that organizations continue to face data, privacy and resiliency challenges as they adapt to new and more demanding realities across their on-premises, hybrid and multi-cloud environments. As we navigate the new year, there will be an increased focus on making processes agile, scalable, and fully available – oh and securing it all the while. We’ve seen recent cyber incidents and they certainly cause a considerable amount of anxiety; however, these are all fairly mild, relatively speaking, given the possibilities amidst rising tensions around the world. Data Privacy Day is a great reminder that Cybersecurity is not just about IT, it is about governance, planning, practice, training and individual accountability.”
Experts from VMware, a cloud computing company, said –
Rick McElroy, Principal Cybersecurity Strategist: “We’re all familiar with the concept of The Great Resignation, but what organizations need to be hyper-aware of this Data Privacy Week is its significant impact on insider threats. The number of employees that have left a company but still have access to the network or proprietary data – whether accidentally or purposefully – has significantly increased. Malicious actors know this and will start to target these employees to either carry out cyberattacks or plant ransomware. CISOs need to reevaluate their current security posture to ensure that this type of data is properly protected so that an instance of an employee departing from a company is not linked to a possible security incident.”
Karen Worstell, Senior Cybersecurity Strategist at VMware: “The lines between work and our personal life have increasingly been blurred over the past few years as our homes now double as our offices. This is not likely to change soon, as companies continue to delay their return to office plans. As we settle into a new era of anywhere work, enterprises must understand that data privacy practices rest on a foundation of strong cybersecurity controls. Data Privacy Week is a time for organizations to set goals for implementing best practices that improve data protection and cybersecurity. These include robust vulnerability management, implementing multifactor authentication, threat hunting, and network micro-segmentation, among others.”
Privacy expert at Kaspersky, Global Leader in Cybersecurity Solutions and Services, Vladislav said: “The last year brought many new challenges and opportunities in the field of data privacy. Privacy is very complex as it is a technological, ethical and a legislative issue and is shaped by interests of governments, businesses and people as citizens and consumers. While just a few years ago data leaks were in the headlines, in 2021 we saw much more attention given to how legitimate data collection by businesses, employers and governments can be detrimental to personal privacy. This is why we see more initiatives from both corporations and public sector to promote privacy and privacy-preserving technologies: from Apple and Google moving much of data processing for their smartphones on the devices (“edge computing”) to discussions on using differential privacy in analysis of US Census data.”
He added, “We expect a lot of interesting developments here, with new legislation being adopted and proposed in this field (such as TLDR Act in the US or Digital Services Act in the EU) and privacy-first products gaining popularity. Companies that rely on data analysis as their business model will have to adapt further to these new trends and find new creative ways to both empower their customers to control their data and continue to provide value.”
Bottom line
Data Privacy Day was initiated in the United States and Canada in January 2008 to extend Data Protection Day in Europe. Data Protection Day commemorates the 28th January 1981 signing of Convention 108, the first officially binding international treaty dealing with data and privacy protection.