THE BLOG

Data Protection - It Isn't Just For Businesses

20/09/2017 15:49 BST | Updated 20/09/2017 15:49 BST

Data. We send and receive so much of it on a daily basis that we almost don't think about it anymore. As long as it reaches its destination, we don't think about what happens to it in-between, or even consider who may have access to it.

We're told to protect our personal data in a variety of ways, whether that be shredding documents containing our bank details, or shielding our pin from prying eyes when using our debit and credit cards for payment. However, despite all the education around data protection, we as consumers are all very guilty of ignoring this guidance, leaving ourselves open to data theft, but just assuming that 'it won't happen to us'.

The WannaCry ransomware attack on the NHS in the UK earlier this year brought cyber security and data protection to the forefront of the news agenda, and while the cause was not found to be from a lapse in internal security, it's never been more important to talk about data protection, and how we can better defend ourselves against potential attacks. Don't assume that because you're not a business, your data is automatically safe or not valuable to others.

However, in a bid to keep our personal data safer online, new proposals from the UK government aim to grant consumers much more control over what happens to their personal information, digital or otherwise. This means that we will be able to ask for our personal data, or information posted about us when we were younger, to be deleted. This is in line with the business requirements outlined in the EU General Data Protection Regulation, due to take effect in May 2018.

It is still ultimately down to us to keep our data safe and a recent survey of IT professionals around the world has revealed what, as consumers, we're probably already painfully aware of; we're really bad at making sure we log out of our devices, and protecting our personal and (sometimes) business data. While this may not be news to the average consumer, the fact that businesses continue to be lax with their login credentials despite a rise in cyber-attacks should be concerning. And, if businesses are treating their own security in such a way, how bad are we as consumers in our daily lives, and what danger are we putting ourselves, and our personal data, in?

The 2017 Secure Access Threat Report from Bomgar found that 69 percent of respondents admitted to staying logged on to their laptop, personal and business accounts when they didn't need to. While the reasons for this were not necessarily given, we all know the excuses; 'I can't remember my password so I just stay logged in' or 'It's a pain to have to log in every time.' This somewhat lazy approach to data protection poses not only a threat to our personal data, but potentially business data stored on personal devices as well. As the volume of people working remotely continues to rise, with the TUC reporting in 2016 that 1.5 million people now work from home, an increase of 241,000 in the last decade, many of us are using our personal mobile devices to check work emails, and even working from our personal devices from time to time.

As such, it's never been more important to consider the dangers that this poses to personal and business data, considering remote working doesn't always mean working from your own home.

Perhaps unsurprisingly, a further 53 percent also admitted to logging onto unsecure Wi-Fi connections, such as those at coffee shops and on public transport. It's something we do without thinking, and we're all guilty of doing this in the name of convenience, not stopping to consider who can see what we're doing on these networks, and the data we're transmitting across them. This is an increasing symptom of the way modern businesses operate, and the increasing desire to work remotely, forcing us onto potentially untrusted networks in order to carry out our day jobs in a way that works best for us.

Amplifying this issue, 57 percent said that they send work files to personal email accounts due to lack of access to VPNs and other remote access platforms. This means we are sending sensitive data across unsecure networks, leaving that data open to interception, putting both personal and business data at risk.

A further 46 percent even said that they shared their passwords with colleagues. From a consumer point of view, this is the same as sharing our login credentials for streaming services such as Netflix. Now, ask yourself; how many people are really using your Netflix logins? You may have shared them with one person, but that person could then have shared them with someone else. It's a slippery slope, and one you may not have any control over. While they may not seem like overly sensitive credentials, anyone with access to this kind of information has your debit or credit card details, address and other sensitive private information that could be used against you or have some inherent value to someone else.

With the above in mind, there are some very simple steps that consumers can, and should, be taking to ensure they are keeping their own data safe, and any potential business data they may be handling:

• Log out of any and all accounts that are tied to personal or financial information when you're no longer using them

• Be extra vigilant when logging onto public Wi-Fi networks. Do you need to log onto that network, or can it wait until you get somewhere more secure?

• Try not to share your passwords and login details with anyone, even for something seemingly innocent such as Netflix.

• Avoid sending business data and documents to personal email accounts, or downloading them onto personal memory sticks.

With these steps in place, it will be much easier for businesses and consumers alike to ensure that data is kept safe, regardless of location or the method used to access it.