January 28 marks Data Protection - or Data Privacy - Day, an international effort to create awareness about the importance of respecting privacy, safeguarding data, and enabling trust. Whether you are a company entrusted with personal data or an individual using connected systems, this day is the opportunity to take stock and ensure everyone’s data remains safe.

Five years after the entry into force of the General Data Protection Regulation (GDPR) in Europe, more and more data protection initiatives defining rights, obligations, and enforcements are being passed and adopted across the world. In 2022, the Middle East, the Asia Pacific and States in the US also introduced or amended data privacy and protection laws, and countries not implementing such regulations are now clearly in the minority. Gartner has estimated that by the end this year, 75% of the world’s population will have its personal data covered under modern privacy regulations.

Such legislation is vital when we consider that personal data remains among the top the assets targeted by cybercriminals. The evolving use of new infrastructures such as the cloud, and the wider use of smart devices and connected gadgets also means that keeping data protected has never been more crucial or difficult than it is today.

With our societies becoming more and more connected, and an increasing number of our daily interactions being conducted online, we all have a role to play to keep data safe, whether it is our own data or that of other people. Here are a few suggestions on how we can do this.

Enterprises

Research by Thales has shown that only 56% of security and IT management professionals are very confident or had complete knowledge of where their data was being stored in 2022 – down from 64% in 2021. Businesses can be their own biggest threat when it comes to data, with skill gaps and spending misalignments contributing to the problem, but a number of basic steps can help companies quickly put themselves in a better position.

• Prepare for threats: Create, maintain, and test encrypted, offline backups of critical data. Develop and exercise both a cyber incident response & communications plan. 
• Roll out cybersecurity training: Human error remains the weakest security link across businesses. Create and maintain a cybersecurity awareness training program for all employees so they can confidently navigate risks.
• Encrypt all your data: Protect all your data, whether stored or transmitted. In the event of a data breach, the encrypted data will be of little value to the attackers.
• Implement multi-factor authentication: Verify users and system components using multiple factors (not just simple passwords) and according to the risk associated with the role, requested access or function.
• Harden your systems: Keep systems up to date, consistently maintained, and use appropriate tools and security teams to regularly test and evaluate your environments.

Find out how Thales can help you be compliant with the increasing number of privacy legislations, and about how Thales's data security platform can help protect data anywhere in the world.

Consumers

We are using more and more smart devices and gadgets and sometimes allowing organizations to collect data from our most personal places, such as our homes and our vehicles. In a similar manner to the compliance solutions offered by Thales for companies, as consumers we can also ensure our personal information remains as secure as possible by keeping in mind a few simple steps.

• Guard your digital identity: Be mindful of where you share your personal information and who with, and be cautious about what information you share online.
• Think before you click: Don’t click on any promotional links sent via email or SMS, rather type the URL of the website directly into your browser, or if on mobile, directly via the app.
• Never reuse: Never reuse the same password between different sites. Implement software that generates unique passwords. 
• Be mindful: Remember that your computer or mobile device can contract a virus or malware at any point of you being on a website or app. Practice sensitive caution at all times.
• Always use a VPN: Where possible, use a trusted Virtual Private Network (VPN) when using publicly-available (and potentially insecure) Wi-Fi networks 
• Back up often: Keep your data backed up regularly, so that you don’t lose it if your device or storage is ever compromised. 
• Shop smart: Always do your research on a store before purchasing and look for assurances that your transaction is secure and payment details kept safely.