Top tips to keeping your private data safe

Top tips to keeping your private data safe

In a world where computers and smart devices are becoming increasingly relied upon, the amount of data stored online is rising. It is now becoming more important than ever to make sure this data, whether personal or commercial, if adequately protected. Dr Hotchen, a senior trainee patent attorney at Wynne-Jones IP, is advising organisations of all sizes to assess their online, smart device and computer security policies ahead of Data Privacy Day this Sunday.

The international awareness day aims to promote data privacy and highlight data protection best practice among businesses, charities, organisations, and individuals across the globe. This also comes as individuals and businesses evaluate their security processes ahead of the General Data Protection Regulation (GDPR), coming into effect from 25 May 2018. To support businesses in effectively securing their confidential information, Dr Hotchen is offering his top tips for maximising data privacy.

 

Passwords

When protecting sensitive data from potential hackers, a password is often all that prevents unauthorised access from those who wish to exploit confidential information. As such, it is crucial that businesses storing staff records, client data, confidential reports (which might include specialist “know-how”), and information on business transactions choose strong and secure passwords.

People often leave their data vulnerable by relying on the same password for numerous accounts, both at home and whilst at work. While this can help the user to remember a password, if the password is compromised, a hacker may more easily exploit data from other accounts which use the same or similar passwords. More worryingly, if passwords are duplicated between personal and business accounts, a compromised personal account could lead to unauthorised access of a business account and the numerous files within your organisation. Therefore, users should avoid duplicating passwords across accounts, in particular, between personal and work accounts.

Choosing predictable passwords such as ABCDEF or 12345 are easily cracked by those seeking to access your private documents, and therefore should be avoided.

Finally, the longer and more complex or random the password, the more difficult it will be to crack by brute force. Choose a password which features upper and lower case letters, numbers and at least eight characters to make it more difficult to hack into. A simple trick to choosing a strong but memorable password is to use four random words – such a password could take 100’s of years to crack using brute force alone.

 

Password Managers

As a company you may store thousands of files on internal websites or archives which need to be protected from potentially harmful outside influences.

A business may even run various websites for external clients which needs extra security against hackers.

One effective way to help prevent hackers access your passwords and gain access to your data, is to utilise a password manager. A password manager can store the passwords for numerous accounts in a database so you don’t have to remember them all.  

To prevent unwanted access, password database is encrypted with a master password – the master password is the only one that needs to be remembered and the one that allows access to the stored passwords.

Whilst this is a convenient method so that you do not have to remember lots of different passwords, if the master password is compromised, a hacker will gain access to all of the passwords stored in the database. Therefore, the strength of the password manager is only as strong as the master password, and it is advisable to make sure the master password is sufficiently strong.

 

Confidentiality

Confidentiality is key to any business. Companies, in particular those which invest heavily in developing unique products, branding, and inventions, are reliant on protecting sensitive information and know-how which could contribute to their eventual success. For example, trade secrets are commonly used in the food and drink sector to protect recipes and formulations. In principle, a trade secret can keep a formulation secret indefinitely, however, in the event of a data breach, this information could enter the public domain without any legal protection.

A contrasting approach is to protect commercially valuable IP by virtue of patents, registered designs, and trade marks. In the case of patents, this can provide a monopoly in a market for the patented invention for a maximum period of 20 years. In return for this monopoly, the patent owner is required to fully disclose their invention. However, it is important not to disclose details of your invention publicly before a patent application has been filed, as otherwise this will invalidate your patent.

Such initial investment to develop products, such as the development of a new therapeutic drug, can cost millions of pounds. If this commercially valuable data is not adequately protected, this could allow competitors to copy the product at a fraction of the investment cost.

 

Mobile phone access

Mobile technology has now made accessing confidential data on the go even easier. Smart devices are the number one hassle-free method for accessing information and personal data, with mobile phones and tablets used daily for banking, reading work and personal emails, and purchasing goods. However, this ease of access, has provided hackers with even more opportunities to obtain personal and private data. As such, individuals and companies who provide staff with phones need to be even more stringent when it comes to data privacy. Raising awareness of data privacy is probably the first course of action. Ensure you are well versed on privacy settings for different accounts and applications, paying specific attention to any software or app updates, to keep your information safe. It is also advisable, where possible, to keep separate work and personal devices.

 

Anti-Malware protection

Hackers and those seeking to exploit private and confidential data are utilising increasingly sophisticated and imaginative methods to access information. Malware, which includes viruses, spyware, trojan horses and more, can be found in seemingly legitimate emails, shared files, video links, and downloads. In certain circumstances it can even be disguised as an email from a friend or in a website link. Workers who work predominantly on computers could be particularly susceptible to someone accessing their information in this way. As such, employers should make sure their anti-malware (including anti-virus) software up-to-date; run anti-virus scans frequently, including thorough and wide-ranging scans of all their software; and mark all suspicious emails sent to them as junk. A company-wide privacy policy, advising on all suspicious emails and what the procedure is, could also help to minimise risks associated with malware.

 

In summary…

In a world where computers and smart devices are becoming increasingly relied upon, the amount of data stored online is rising. It is now becoming more important than ever to make sure this data, whether personal or commercial, if adequately protected. Whilst savvy hackers might (eventually) be able to gain access to almost any account, adopting best practices whilst online can help mitigate this risk, and can help keep your valuable data safe.

 

Related News

news

Coronavirus - UK IPO, EPO and EU IPO extensions and support

A simple overview of the current status from IPOs. Last updated 31st March 2020. 

UPDATE - UK IPO support for those affected by Coronavirus
news

UPDATE - UK IPO support for those affected by Coronavirus

The UKIPO has now certified that a ‘period of interruption’ began on Tuesday 24 March 2020.

BREAKING NEWS - German Federal Constitutional Court decides on UPC complaint
news

BREAKING NEWS - German Federal Constitutional Court decides on UPC complaint

The German Federal Constitutional Court has now issued its long-awaited decision (source) in case  2 BvR 739/17 which was a complaint against the German Ratification Law under which Germany was to ratify the UPC.

EPO announces extensions to deadlines due to COVID-19
news

EPO announces extensions to deadlines due to COVID-19

On Sunday 15 March 2020 the EPO published a notice advising it is invoking the provisions of Rule 134(2) EPC, and has extended all periods expiring on or after publication of the notice to 17 April 2020. This may be extended by the EPO upon publication of a further notice.

EUIPO extends all deadlines for Community Design and European Union Trade Marks
news

EUIPO extends all deadlines for Community Design and European Union Trade Marks

The Executive Director of the EUIPO has today (16 March 2020) issued a decision regarding extensions for all time limits on trade mark and design matters at the EUIPO. In accordance with the decision, all time limits expiring between 9 March 2020 and 30 April 2020 inclusive are extended until 1 May 2020.

news

UK IPO announces support for those affected by coronavirus

In brief, the UK IPO has indicated that it will use its discretionary powers (on a case-by-case basis) to extend time limits where possible under national and international law.

*Update* “EPO Board of Appeal finds Broad Institute’s CRISPR patent to lack valid priority claim and upholds revocation of patent (T 0844/18)”
news

*Update* “EPO Board of Appeal finds Broad Institute’s CRISPR patent to lack valid priority claim and upholds revocation of patent (T 0844/18)”

Earlier this year, we reported on the EPO Board of Appeal’s decision to uphold the revocation of the Broad Institute’s CRISPR patent (here). Now it appears that the Broad Institute is gearing up to put forward a petition for review by the Enlarged Board of Appeal as a last resort to save their patent.

news

The UPC is dead, long live the UPC!

European patent attorneys have been getting excited about the Unitary Patent (UP) and Unified Patent Court (UPC) for years, writing articles, and giving talks and presentations about the ins-and-outs and twists-and-turns of the whole thing. So what is the current situation? What has happened now?

aipex logo aipex logo aipex logo