World Backup Day, celebrated each year on March 31st, is a day created to promote backing up data from your devices. First observed in 2011, the holiday stresses the importance of having extra copies of data in case of an attack or accident. Setting aside a day to encourage people to establish this habit gives us an opportunity to review basic cyber hygiene practices. So, get involved! Employing these tips will go a long way in bolstering your digital security and protecting against potential attacks.
1. Review Privacy Settings
Most of the apps on your devices have privacy settings of some sort, regarding what information the app is allowed to access or share. Reviewing these privacy settings every once in a while, is important to make sure you aren’t sharing any data that you don’t want to share. This can also include connected apps and programs, access permissions, and remembering your login information. Using the default settings or allowing permissions without thinking can lead to data being shared or stolen.
2. Update Software and Hardware
Keeping your apps and programs up to date is important, as is upgrading your devices when necessary. Old software versions may be missing protections, have exploitable flaws, or simply be inefficient. Outdated devices can have performance issues that may make them vulnerable in various ways, susceptible to cyberattacks and internal failure. Updating both software and hardware should be a consideration whenever you review your cyber hygiene.
3. Control Access
Ensuring password security is one of the easiest steps you can take to protect your data, devices, and accounts. Create complex passwords that cannot be easily guessed and are different for each account. Using multi-factor authentication (MFA) when possible is also recommended. A password manager is an effective way to keep track of many complex passwords.
Whether it means physically restricting who is allowed to use your devices, or using passwords or other measures to restrict access to sensitive areas of your network, monitoring and controlling who has access to what and when is vital. Exercising the principle of least privilege is always recommended: every user, app, program, and device should be able to access only the areas and data that are necessary for their function.
4. Encrypt Your Sensitive Data
Data encryption isn't just for large organizations. It is now possible for anyone to encrypt data and other information through a variety of readily available tools. Additionally, encryption shouldn’t just be limited to storing financial, customer and proprietary data; you can also encrypt your communications and your web traffic, as well as your passwords. All of these can be considered best practices to secure your private data, and comply with various compliance mandates.
5. Backup Data
Backing up your data is the number one most effective method of protecting against ransomware, by a long shot. Because ransomware works by using your files as an incentive to pay a ransom, having a backup copy of all of your data renders an attack pointless, as you still have the data that has been stolen and held for ransom. Data backup is even effective against double extortion ransomware attacks, where a bad actor not only steals but encrypts data. A ransomware attack can be stopped in its tracks by restoring data from a backup and continuing operations unscathed.
Backups are also important to protect against other forms of disaster that could endanger your files. The World Backup Day website states that 29% of data loss incidents are caused by accident, and 113 phones are lost or stolen every minute. Losing a device or files by accident can be just as devastating as having it stolen by a cybercriminal, and backing up your data can also help mitigate the fallout of such accidents.
Join me and Thales in our celebration of World Backup Day this year by taking the time to create at least one backup on March 31st, spreading the word to your friends and family, and working to establish good cyber hygiene. You can learn more about our data and cloud protection services here and take steps to protect yourself, your devices, networks, and data against malicious attacks and accidents alike.