It’s Time to Focus on Data Privacy and Compliance
Most businesses have compliance regulations they need to meet. 2021 is becoming somewhat of a tipping point for some. Companies are dealing with the development of new data privacy laws that will surely add some responsibilities on top of already established regulations. This month, we thought we’d take a look at compliance and why it is important to stay on top of it.
Before we get into regulatory compliance, we should mention that compliance with company-wide regulations (that presumably you’ve set up for a reason) is not exempt when considering your business’ compliance responsibilities. Understanding where your organization stands in meeting both outside and inside compliance requirements can set you up for success, even if your business doesn’t look the way it did in the past.
Outside Compliance Considerations
When people talk about compliance, these outside regulations are typically the requirements they mean. They are traditionally ethics-based regulations set up by legislators to help govern fair enterprise. Today’s businesses create, collect, and use data in new and exciting ways, so meeting regulatory benchmarks becomes more and more crucial. Most of these regulations are governed by federal, state, and industry legislative bodies and by organizations created for that purpose. Failing to meet them can cause difficult problems for any business, including fines, suspension of service, and more.
Inside Compliance Considerations
The regulations you set up for your own business obviously don’t carry the risks inherent in meeting regulatory requirements, but presumably you’ve enacted these benchmarks and requirements to help manage and operate your business effectively, so meeting those standards is important.
Massive Push For Data Privacy
For some time now, consumers have been more cognizant of how their personal information can be used against them. That doesn’t mean that many people have taken the steps to protect that data, but that is evolving. Typically, any regulations aimed at data protection have been made to keep organizations from taking advantage of stakeholders, but now, it seems, there is a fairly large section of people that are actively looking to help individuals protect their personal data. Unfortunately, many of the major technology companies don’t seem to be among them.
The establishment of the General Data Protection Regulation (GDPR) by the European Union was a landmark day for individual data privacy. It held businesses accountable and gave individuals control over a lot of their personal data. Much of the same data was shared with impunity before the GDPR went into effect. Today, there are several data privacy laws on the books in the United States, with a federal data privacy law looking inevitable in the years to come.
Outside of the GDPR (which affects any business that does business with European companies) most of today’s requirements have been in place for quite some time. Regulations like HIPAA and PCI DSS affect millions of businesses, so it is important to have a set of strategies in place to keep compliant. Here are a few tips:
1. Stay in Good Standing - You need a Certificate of Good Standing. Otherwise you can’t legally do business in most states. This is a certification that is issued by your state and requires your business to be registered as a legal entity, be current on tax filings, and meet other benchmarks or be suspended from doing business in that state.
2. Be Aware of Any Laws that Govern Your Business - These days, the regulations and laws are always changing. Business in 2021 moves fast, so staying up on the latest regulations will help your business maintain good health and go a long way toward putting you in a position to maintain compliance.
3. Keep Your Contacts Updated - It’s important to keep your business contacts list up to date. Having current contacts on hand lets you handle important issues that might arise.
4. Follow Best Practices - Compliant companies understand the best ways to stay that way. Typically, by following best practices, your business can maintain compliance more effectively.
If you need help staying compliant or understanding how to, give the IT professionals at Jackson Thornton Technologies a call today at 334-834-7660.
Tip of the Week: Keeping Peeping Eyes Out of Your Webcam
With many—if not most—computers and especially laptops featuring integrated webcams at this point, it isn’t hard to imagine how disastrous it would be to be spied on through it. Let’s take a few moments and go over a few ways to be sure that your webcam isn’t being used without your consent by someone else.
Keep Your Software Up to Date
To spy on you through your webcam, a cybercriminal (which is what that person would be) needs to have access to it. Gaining it can be as simple as hijacking an insecure program that has already been granted this access.
Keeping your software up to date, from the programs and apps you have installed to the operating system itself, helps to eliminate the likelihood that the hacker will have that opportunity. When working on a PC, navigating to Settings and to Update & Security will bring you to the option to schedule your Windows Update. Rather than being interrupted mid-workflow, you can Change active hours to have these updates implemented after hours.
Maintain a Firewall
When it comes to keeping unwanted guests out of your network, a firewall is one solution you certainly need to prioritize. Making sure it is up, activated, and effective is a relatively simple process.
In Settings, once again under Update & Security, you should find Firewall & network protection in the left sidebar. The menu that opens when you click it will offer Windows Defender Firewall, one rudimentary way to stave off threats. This is a good enough solution for home users, but businesses will want to deploy an enterprise-level firewall that is designed to protect every facet of their network.
Securing Your Wi-Fi
It isn’t uncommon that attackers will target your network via the router, rather than the computer that uses it to connect to the Internet. If they can access this piece of your network infrastructure, there’s a considerable list of devices they’ll then be able to access. Better securing your router equates to better securing your entire network.
The first step is to rename your wireless network to something that doesn’t tie back to your business and lock it down with a strong, complex password. You’ll need to remember it, of course, but using a passphrase with some added symbols and alphanumeric switching will help keep it memorable to you and bamboozling to cybercriminals.
Cover Up Your Webcam
If you’re really and truly worried that someone may be peeping at you through your webcam, the simplest way to prevent the possibility is to obscure their view. Covers are available that make it easy to “deactivate” the camera when it is not needed, and in a pinch, a sticky note will do the job just fine.
Privacy always needs to be prioritized, in the office, the home, and in the home office. For more tips, practices, and advice on keeping your data secured, make sure to check back on our blog every few days.
Facebook’s Massive Data Leak
Facebook is many people’s favorite, or at least most used, app, and it does bring value to people by letting them keep tabs on friends and family, or grow their businesses. It has grown to be one of the largest, most successful software technology companies in the world. Unfortunately, with that type of exposure comes the responsibility of securing massive amounts of personal data. In this quest, they leave a lot to be desired. Today, we take a look at the situation Facebook is in as they are dealing with one of the largest data leaks in history.
What’s the Issue?
The current situation didn’t start recently, but at the beginning of April, some 533 million Facebook records were leaked by hackers for free on the dark web. Over half a billion users have had their personal information, including Facebook ID, corresponding phone numbers, birthdates, some email addresses, relationship status, and bio, dumped into a public database online.
Facebook confirmed that the data was from a 2019 data leak, and that they have long since patched the vulnerability used to obtain it. That’s a good thing, but it’s still concerning that two years after a major data leak, the data, which was for sale for the past two years, was just dropped on the web for free. Obviously, the tech giant wants the narrative to be that this is old data and they have since made the changes necessary to protect their massive amount of user data, but the fact that it is still available is the bigger issue.
Once Data is Leaked, It’s Out There Forever
We may not really know the tangible value of the data found in this massive database. What we do know is that once data is leaked, it’s going to cause some consternation for Facebook, because:
● One of Facebook’s major revenue streams revolves around transactions with this data.
● This data is out there for free.
● It was likely obtained from a hacking tactic called scraping.
Your company doesn’t have the huge amount of data that Facebook has, but you have the same responsibilities with the sensitive data you have. If Facebook wasn’t, you know, Facebook (that being a platform that is typically used to share data) they wouldn’t be able to simply shrug off something like this. We can say with confidence that a data leak of nearly a quarter of your client base’s data would come with massive repercussions for your business.
That’s why you need to ensure that you have the tools in place so that you don’t have to deal with data theft, loss of customer confidence, and all the other negative variables that come with a data breach. If you would like to find out more about how Jackson Thornton Technologies can help you secure your business’ and customers’ data, reach out to us today at 334-834-7660.