iOS app Android app More

Featuring fresh takes and real-time analysis from HuffPost's signature lineup of contributors
Scott Vernick

GET UPDATES FROM Scott Vernick
 

Cover Your App: Five Lessons from Recent Data Breaches

Posted: 01/25/2012 9:20 am

It's 2012: Do you know all of the places where your personal information lives? Apparently Zappos doesn't and neither do a host of other businesses, as reported in the news on an almost daily basis. Businesses are overwhelmed by how much information they collect, and get into trouble because they don't know what data they actually have, where it's coming from, or where it's going, and hang on to it longer than they should. What's more, as in the case of Facebook, they're not always doing what their privacy policies say they are.

While many people claim they care about their online privacy, our share-it-whenever-wherever mentality seems to evidence otherwise. Judging by consumers' increased use of anti-tracking software, their concerns seem to be more about keeping their online behavior a secret than actively protecting the vast amount of business, financial and personal data that is shared and stored online.

That is until something happens. You'd be surprised how many businesses wait for a data breach before really dealing with your privacy and security. Here are five ways to avoid the most common mistakes:

  • Learn the privacy rules of the road. Businesses often don't know what's in their privacy policies, but you can and should. Before hitting "I accept," read a company's privacy policy thoroughly. If you don't understand it, call customer service for explanation.
  • Avoid oversharing. Companies often disperse their information too widely, not always knowing where it lands. Be aware of the third-party relationships that businesses and organizations you deal with have, and assume your information is likely to be shared with them unless you expressly forbid it.
  • Be vigilant. Businesses need appropriate controls in order to quickly detect if a breach has occurred, how it happened, what data has been stolen and how the breach can be fixed. Many businesses leave themselves highly vulnerable in this regard, as do consumers. While there are no fail safe solutions, doing something as simple as reviewing monthly bank and credit card statements for any suspicious activity can make the difference between the minor nuisance of replacing your account number and card, and the major challenge of dealing with personal identity theft. Using unique passwords on different websites you visit, and changing them regularly, adds another layer of protection.
  • Don't let your mobile devices go missing. Some of the biggest and most expensive business information breaches in recent history happened because of simple human error. We've all heard stories about the laptop with classified information left at the airport or the business phone forgotten in the taxi. This one's pretty basic: Watch your technology like you would your kids.
  • Lock it up. Businesses should, but often don't, encrypt data and that's where many of the problems start. Installing and using passcodes on computers and PDAs is no more of a basic security practice than locking your house and car.

While there is no silver bullet to guarantee that your online information will be 100 percent secure, you can learn from the mistakes that have a habit of repeating themselves. A few simple changes in how you handle your online activities and personal technology can have a huge impact in safeguarding your life on the Internet. Now more than ever, in the absence of any real solutions to cybercrime, it's up to the public to take this responsibility into their own hands.

This Friday, Jan. 28, which the National Cyber Security Alliance has designated Data Privacy Day 2012, to "promote the importance of data privacy and encourage digital citizens to exercise closer control over how their personal information is collected, shared, and stored online," would be a good time to start.