By Raymund Enriquez Liboro, Privacy Commissioner, National Privacy Commission
Many of us take a much-needed respite from work to reflect and rejuvenate this Lenten season. At the same time, however, there might be those who are just waiting for us to let our guards down. That’s why it’s incumbent upon those who secure data processing systems to make sure that their mechanisms and processes are in place to prevent any kind of data breach, or to respond as quickly and efficiently as they can in case it happens.
The National Privacy Commission recently issued an advisory for Data Protection Officers reminding them to stay vigilant, and to make sure that the data they are entrusted with is secure, even as they take the Holy Week long weekend to be with their loved ones. Here are the contents of the memorandum we issued:
- Place non-mission critical systems, especially those that contain or have access to personal data, offline.
- For systems that are kept offline, ensure that all system activities are recorded and the aforementioned logs are secure.
- Password-protect or encrypt files and databases on servers, desktop computers, and other devices.
- Conduct a backup of systems and databases.
- The Information Security team needs to retain the ability to remotely monitor systems and be ready respond to any unusual activity.
- Prevent physical breaches by securing office premises adequately.
The protection of personal data during long holidays is, after all, akin to securing one’s home when leaving for an out of town trip. When you leave home for a long period of time, you do your best to make sure that security precautions are in place so that break-ins do not happen. In the same way, our DPOs should safeguard their I.T. systems in times of minimal staffing.
On the other hand, individuals going on the road for the holidays should also take steps to protect data in their devices:
- Double-check if your laptop or mobile phone has been updated with the latest security patches. Being on the road or away from your home network would mean that data connectivity could be slow and limited, and so you won’t be able to do this reliably.
- Make sure your personal and work data are backed up securely. As history has shown, major personal information breaches were done during long holidays, as this is a preferred time for criminals to act online.
- Turn off your home network router if nobody is going to be left at home. Powering off these devices on top of turning off your home appliances will not only save you unnecessary electricity costs, but also deny criminals an avenue to attack your home remotely.
- Be aware of phishing scams and fake websites. Users need to be vigilant of emails and fake websites that aim to extract log-in credentials from unwary users. There has been an increase in these, and we need to be cautious when accessing our accounts, whether from our personal devices or those we share with others.
Always be safe, everyone. Wishing a reflective, solemn, and rejuvenating Lenten break!