World Data Privacy Day : January 28th

January 28 is celebrated as Data Privacy Day (DPD) across the world. The objective of the day is to sensitize individuals and disseminate privacy practices and principles. The importance of data protection increases as the amount of data created and stored continues to grow at unprecedented rates.Any information that your business stores digitally needs to be properly protected. From financial information and payment details to contact information for your staff, data usage has to be protected by law.From being a privacy professional to an internet user or a consumer, the onus of safeguarding privacy lies on every shoulder.

Spreading awareness around data privacy is utmost essential. A single company may possess the personal information of millions of customers-data that it needs to keep private so that customers’ identities stay as safe and protected as possible, and the company’s reputation remains untarnished. (Can you say “data breach”?) But data privacy isn’t just a business concern.The more you know about it, the better able you’ll be to help protect yourself from a large number of risks.

“Data Protection Day should serve as a wakeup call for both consumer and companies on the realities of keeping data safe in 2020. While everyone has heard the warnings about keeping personal data safe online, millions of people across the globe are parting with copious amounts of personal data every minute of every day, leaving data traces behind in a literal cookie trail. This is despite us being more aware of the value of our data than ever before.

“Sadly, this universal truth is at constant war with our impatient, always-connected brain, which urges us to scroll through terms and conditions as quickly as physically possible so that we can access what’s on the other side. Effectively we are signing away our data ownership in a matter of seconds each time. And once that's gone, you can never get it back. Privacy is a Pandora’s Box in that sense. It’s easy to say that there should be more education among consumers, but ultimately so much of our data already sits within online services’ databases globally, it’s already nearly impossible for individuals to take back control of their digital profile.

“On the flip side, businesses which have been collecting this data for so long are also now in a difficult position. The data sprawl that enterprises have created is expansive and the cost of keeping it secure will be significant. Today, businesses need to take a leading role in ensuring that our data doesn’t fall into the wrong hands, as the impact has been grave for users and businesses alike. Realistically though, we will need to accept a trade-off between what we can and can’t secure. More manual error-based issues can and will occur, so there needs to be a mitigating framework in place to stop errors wherever possible, but also to handle these breaches when they do occur.

“Yet, in spite of the acres of negative news around data misuse, collecting and using personal data should not be considered a mortal sin. If you look past big business, there are many other use cases for data, such as scientific experiments or health developments which drive new social value. If we cut off the access to all data, we risk losing out on a lot of valuable insights and new discoveries. But this is only the case when data is in the right hands. Businesses who do collect data should have a high degree of responsibility for that data - and that, of course, includes culpability when things go wrong.”

5 simple tips to help protect your personal data by Norton:

Since data privacy is such a prevalent issue, many government organizations and corporations spend millions of dollars each year to help protect their data-which could include your PII-from exposure. The average consumer probably doesn’t have that kind of money to spend. But there are inexpensive steps you can take to help protect your data. Here are a few suggestions:

* At home, use a mail slot or locking mailbox, so that thieves can’t steal your mail.

* Before discarding, shred documents, including receipts and bank and credit card statements, that contain personal information.

* Make sure to secure your home Wi-Fi network and other devices so that criminals can’t “eavesdrop” on your online activity.

* Don’t automatically provide your Social Security number just because someone asks for it. Determine if they really need it and, if so, ask how they’ll help protect it.

* Use strong, unique passwords for all of your online accounts.

One final recommendation to help you keep your data private: Regularly assess the privacy settings on your social media accounts. If you don’t, you may be sharing a lot more than just your name with people you’ve never met-and a savvy criminal could use that information to steal your identity and a lot more.

Bhavin Turakhia, Founder & CEO, Flock says ‘’With the rapid proliferation of new technologies such as artificial intelligence (AI), machine learning (ML), internet of things (IoT) etc., businesses need to continuously evaluate the platforms and apps they use from a data security perspective. Today, it has become imperative for companies to opt for technology solutions that have in-built enterprise security features and compliance. Also, we cannot ignore the fact that employees need to be sensitized especially when there is constant news about how user data has been compromised / misused by people with malicious intent. With Data Privacy Day being observed today, organizations need to invest in the training of their IT teams and employees to ensure they acquire the required knowledge and skillsets necessary to tackle today’s sophisticated threats to IT security.’’

Neelesh Kripalani, Senior Vice President and Head, Center of Excellence (CoE) at Clover Infotech says “The Personal Data Protection bill is a step in the right direction. I think every individual should have the right to ascertain the extent of exposure of sensitive and private data. By viewing the data as sensitive, critical and general as against putting it all in one bucket, the government will enable users to have a seamless digital experience while knowing that the data will be processed, stored and protected under a strict lawful guideline. Also, the bill outlines a legal framework to preserve the sanctity of consent in data sharing and penalize those breaching privacy norms, thereby giving citizens more power and control over their digital personas and the associated data.”

Every Day Is Data Privacy Day

With Data Privacy Day being observed around the world today, Sunil Sharma, managing director sales, India & SAARC, Sophos advises you to treat every day as Data Privacy Day and apply these simple tips to secure your data.

Use a password manager

Password managers will create and remember complex passwords for you, making it easy for you to keep different passwords for every website. All you need to do is remember one super long and complicated password for the manager itself.

Be aware of what apps you use

Always check the permissions an app is asking for before you download it to your personal device. It’s also important to delete any apps that you don’t use anymore.

Know what you’re sharing on social media

Information such as your date of birth or address gives cybercriminals usable information about you. Equally, sharing when you’re going on a trip can alert local criminals that your home will be empty.

Use two-factor authentication

You can do this with an app such as Google Authenticator, or from SMS codes sent directly to your phone. If you want to be super secure you can do it with a hardware key that you plug straight into your computer or laptop.

Use a webcam cover

It’s not impossible for hackers to access your webcam. Keep yourself protected and have peace of mind by using a webcam cover.

Keep your shields up

If you’re having connection troubles, resist the temptation to “turn off the firewall” or “bypass the router” to see if that solves the problem. That’s a bit like disconnecting your car’s brakes and then going for a ride to see if performance improves.

Consider using a ransomware blocker.

Tools like Sophos’ own Cryptoguard can detect and block the disk-scrambling part of a ransomware attack. This offers you protection even if the malware file itself, and its running process, is out there on someone else’s computer that you can’t control.

Patch early, Patch often

There are millions of computers still at risk from WannaCry – this means they haven’t been patched for more than two and a half years! Don’t be one of those people. The best way to stay up to date is have auto-updates on so you know you’re running the latest software.

Make regular backups

And keep at least one recent copy offline, so you can access your precious data even if you’re locked out of your own computer, your own network or your own accounts. By the way, encrypt your backups so that you don’t spend the rest of your life wondering what might show up if any of your backup devices go missing.

While today might be the official Data Privacy Day, remember its Data Privacy Day tomorrow, the day after and the day after that. It’s like Quit Smoking Day – you take it on for the rest of your digital life.

Prashanth G J, CEO at TechnoBind

"The right to privacy is a fundamental right" - this is the core principle on which the new Indian Personal Data Protection Bill is being drawn up. On this International Data Privacy Day it is important to note that the rapid growth of the Digital Economy cannot happen at the cost of personal privacy of Data. It is important to build a culture of inclusiveness where not only the corporates requesting and storing the personal data but also the citizen needs to be made aware of how to control and safe guard his personal data to ensure his privacy in the digital world. I also hope that the government comes out with programs which help educate the common citizen about his rights as well as educate him as to how to protect his personal Data."

Ashis Guha, CEO at RAH Infotech

"We continuously adopt newer technologies and most of them are data-driven. When we have so much data to be exchanged over digital networks and platforms, data privacy becomes more relevant in today's hyper-connected world than ever. Throughout 2019, cyber-attacks and threat actors have made headlines and no organization wants to be at the center of one.

With the increase in focus on data protection and data privacy policies across the world, on this Data Privacy Day, I would like companies to take an oath to strengthen their security systems, not only to take care of data storage and mining but also managing the huge amount of data generated on a daily basis. Organizations must follow best data privacy practices and basic cyber hygiene to protect data and respect privacy,"

Sriram S, Co-Founder at iValue InfoSolutions

"The nature of attack landscape has transformed to a great extent with the advent of IoT and Smart devices. With more than 75% of people in India now using Mobile for banking and transactions along with social media, strong security systems are all the more imperative. Most organizations in their Digital journey are even more vulnerable while embracing cloud, IoT, mobility, analytics and social media. It is becoming clear that data ethics, privacy, and security need to form an integral part of every organizations and individuals essential day to day need.

Despite having 600,000 digitally skilled employees in India, only a meager 10-12 percent have cyber security skills, while even fewer have data protection and privacy skills. Considering the rising threats of the digital age, organizations need to have a comprehensive GRC architecture in place, to address comprehensively the needs around Governance, Risk and Compliance in the ever evolving Digital Age."

Shibu Paul, VP - International Sales at Array Networks

"Despite being aware of security, majority of consumers are still alienated from the prevalent dynamism in today's IT infrastructure. The impact of a data breach to an organization averaged around $1.83 million in India last year. The true extent of the breach and the total period of compromise remain unknown while malicious program remain virtually undetectable. Preventing data breach is of utmost importance, especially in the banking segment where the incentives are significantly higher. New deployments over 5G have opened more opportunities for the hackers as well as IT vendors. The cyber risk management practices and mindsets of yesterday no longer suffice and may actually inhibit innovation. It is incumbent upon CISOs to focus on data privacy as part of their company policy and nurture strong cyber security culture with appropriate levels for governance, prioritization, management focus, and ownership."

Dr. Shankar Narang, COO, Paras Healthcare: As Health Information Goes Digital, Organizations Must Focus on Data Protection

Healthcare organizations have increasingly started adopting digital solutions to make healthcare systems more efficient. Not only does digitization eliminates paper records, it also consolidates all patient data in a centralized system. If patient data is linked with Aadhaar and made available online with the consent of the patient, not only will it improve convenience, it will also serve as a data repository that can be used for the purposes of medical research. Advances in AI have made it possible for data scientists to train machine learning models while keeping the data confidential. This will soon make it possible for healthcare providers to provide more timely and accurate diagnoses and prognoses.

The recently introduced Data Protection Bill is a good step at laying out provisions to offer safeguards to citizens from exploitation of their personal data. However, it also leaves many questions unanswered. The Bill places personal health data under the category of ‘sensitive data’ which can be processed only based on ‘explicit consent’ by individuals. Data experts in healthcare believe greater clarity is required on these provisions to enable organizations frame their policies coherently. Healthcare being one of the largest users of data science and AI, the sector constantly processes and analyses healthcare data. Organizations in the field therefore also require greater assurance that their AI-based data analytical tools and algorithms which help them improve their services and offerings will not be affected.

However, digitization also makes healthcare organizations highly vulnerable to cyber attacks. Cybercriminals are particularly attracted to organizations that have high value information and a low risk tolerance, and organizations in the healthcare industry see more intrusion attacks per day compared to other industries. Possibility of electronic health records getting compromising or stolen, ransomware attacks on hospitals and insurance companies are among the major threats. These threats might also include the possibility of attack on medical devices implanted on patients or attacks that disrupt digital infrastructure’s ability to provide patient care. Imagine a scenario where ICUs are running completely on digital systems and a malware attack disables the entire network of the hospital. Even a few minutes’ of such a disruption can be life threatening for critically ill patients.

We have endeavoured to create awareness through carrying messages and concerns .Let’s Think Privacy First!