With the continued enforcement of GDPR, evolving cybercrime tactics, advancements in AI, and the spread of privacy focused legislation, 2019 is shaping up to be an interesting year in data and cybersecurity. Make sure you’ve checked these data security best practices off your list for a safer, more secure 2019.
1. Lock Down Data Access
If you collect and manage sensitive data, you have to take extra care to guard against any unauthorized access. While it’s not a comforting thought to entertain, there are people who would exploit sensitive data at their organizations if given the chance. Also, there are plenty of accidents that can happen unintentionally if the wrong people have access to data. Head off issues before they start by investing in a data collection solution that allows you to give data access only to the right people.
2. Remember the Basics
A surprising number of leaks of data from unprotected databases that didn’t even have basic password protection occurred in 2018, affecting companies such as the anonymous work-related social media app Blind and Amazon. In 2019 go back to the basics for data security best practices and make sure there are no gaps in your data security that could expose customer data.
3. Continue to Focus on Compliance
Since the GDPR took effect in 2018, the fines are starting to roll in, including a recent $57 million penalty for Google from French regulatory body CNIL. Just because you met the original enforcement date last year doesn’t mean you’re out of the woods yet. Continue to make data privacy and GDPR compliance a focus. Get more GDPR information and resources on our site.
4. Watch out for Advanced Cybercrime Tactics
Threats to your data security continue to be a danger in 2019, so spend some time researching some of the advanced cybercrime efforts that may be on the horizon in 2019.
- AI chatbots used for malicious purposes. According to Corey Nachreiner, CTO of WatchGuard Technologies, chatbots could be used to carry out social engineering attacks and infiltrate websites.
- Spearphishing efforts that target individuals and use specific information and relationships to exploit them for criminal purposes could be made more dangerous with the addition of AI.
- Increasingly sophisticated attack toolkits make it easier and easier for nearly anyone to launch a cyberattack.
5. Embrace Multi-Factor Authentication
If you haven’t fully implemented one of the most important data security best practices, multi-factor authentication, at your organization, 2019 is the year to strive for it. The era of just using a password for protection is over. LastPass is one example of a tool that can help you implement multi-factor authentication across your organization and add additional security to the systems you use.
6. Explore AI, But Carefully
Advancements in AI software can be used to help drive better decisions, automate processes and even fend off cyber attacks, but there’s a downside as well. AI can be an attractive target for cyber attacks. Explore the benefits of using AI software for your own cybersecurity efforts, but make sure to do plenty of research into the company you choose as well.
7. Respect Customer Privacy, Even If It’s Not the Law
The U.S. doesn’t have a federal law that compares to the GDPR, yet. However, there are signs that a sea change may be coming. California has already passed a consumer privacy law similar to the GDPR. Data security best practices are to err on the side of caution, and start to take action to protect your customer’s privacy whether you’re required to or not.
8. Protect your PHI
Healthcare organizations are as attractive as ever to cybercriminals in 2019, due to the value of the data they could potentially gain. Medical data is sought-after on the dark web, costing up to $60 per medical record. Because of these threats and the value of healthcare data, it’s vital to ensure HIPAA compliance on any systems that you use to manage your PHI.
Want more data security best practices for a more secure 2019? Learn more about our HIPAA-compliant Compliance Cloud plan here, or check out our State of Data Privacy 2019 whitepaper below.