top of page
Search

Privacy Practices: Our Focus

  • Writer: napoleonbroughton
    napoleonbroughton
  • May 24, 2020
  • 2 min read

Updated: May 29, 2020

At LES, Privacy Practices are our main focus in an attempt to decrease the potential of threat that could adversely impact our agency operations through an information system via unauthorized access, destruction, disclosure, or modification of information and denial of service.

ree

It seems that every day there is news of a security breach or invasion of privacy. Fortunately, when it comes to the security of your personal and professional data, there are strategies you can implement and actions you can take to reduce company risks.


Building Your Threat Model


Threats are any potential harm to the security and privacy of your data. A risk, on the other hand, is the likelihood that a potential threat will happen. I have always found it helpful to to build your own “threat model.” This is a plan you can create that helps you decide what level of security you will need for each different type of data you work with. The Electronic Frontier Foundation recommends asking the following questions:


What does your company want to protect? Who are you guys protecting it from? How bad are the consequences if failure occurs? How likely is it that the company will need to protect it? and How much trouble is the company willing to go through to try to prevent potential consequences? Listed below are some good steps to follow:


(a) Always back up your data

(b) Always report lost or stolen devices

(c) Do not open suspicious emails (These scams are called “phishing” as a slang form of the word fishing. The attacker is fishing for private information to exploit

(d) Use a Virtual Private Network (VPN) to protect your data

(e) Be creative with your passwords and be consistent in changing (take advantage of two factor authentication)

(f) Always lock screens and encrypt information

(g) Do not loan your personal computer to other people

(h) Decrease use of public wi-fi


Some of the most publicized breaches in recent years include those of LinkedIn, Yahoo, and Equifax. These breaches made it possible for the private data of large numbers of users to be used by Cybercriminals at any point in the future.

The Privacy Rights Clearinghouse also has a useful page called “What to Do When You Receive a Data Breach Notice.”It gives good advice and is an excellent resource page to recommend to users whose data has been breached.

Is there one measure that always work?


No measures is 100 percent foolproof although effective strategies can make it more difficult for information security breaches to be possible. Pleas subscribe to the LES Cybersecurity Awareness Training for your business. The training is Department of Information Resources Certified in affiliation with 1GPA. For additional information regarding the training, email me at nbroughton.les@gmail.com

 
 
 

Comments

bottom of page