3 Ways Your Business Can Combat Data Security Vulnerabilities
By Raju Vegesna
Big tech surveillance has been an issue for some time now, but in the last year it’s increased rapidly to become more of a privacy invasion than ever before. To make matters worse, the current COVID-19 pandemic has made data particularly vulnerable to misuse, as the crisis has distracted some from data security and privacy protocols.
Historically, disasters have caused fear and frenzy in the media, meaning data security is drowned out. For instance, during and after Hurricane Katrina, the HIPAA Privacy Rule was waived to help with disaster relief efforts, which later lead to a data breach. This pattern of the past is a warning to what’s already occurring and the possible disastrous outcomes that may be to come. Businesses must look past big news stories and remain focused on data security news that may no longer be on the front page, so that they can stay protected. There are manageable ways that allow businesses to stay alert while compensating for new challenges, and the decisions they make today will combat future attacks.
So Where Does Privacy Stand Today?
Unlike ever before, forty-two percent of the U.S. labor force is currently working from home full time, which opens the door to an entirely new set of security risks that didn’t exist in our old work environments. With the pandemic re-defining what work means, it also calls for a need to re-define how your business handles data security. The top security threats resulting from working from home have been email-based threats and endpoint-security gaps, according to senior analyst at the Global Cyber Center of NYC. Combine that with email phishing scams, password vulnerability, and weakened Wi-Fi protocols, and now hackers have many means to access sensitive data. In addition to fearing vulnerabilities exposed from remote work environments, some companies are enacting sneaky surveillance tactics to monitor their employees, and that has implications for personal data, too. Some big tech companies have a surreptitious past of violating their users’ privacy, especially recently. Currently, Twitter is under investigation by the Federal Trade Commission “for potentially misusing people’s personal information to serve ads,” facing fines up to 250 million dollars.
Coincidentally, Google is also being investigated by European authorities on its recent 2.1 billion dollar purchase of the health tracking app Fitbit and what they will do with users’ health data. And just recently, Oracle and Salesforce were hit with a lawsuit arguing “that mass surveillance of Internet users to carry out real-time bidding ad auctions cannot possibly be compatible with strict EU laws around consent to process personal data.” Even just last week, over 2 million Android and iPhone users downloaded seven adware apps from the Google Play and App Store. Besides the misuse of data, the real dangers of data breaches are still very much alive. It seems many of us give total trust to our work apps and software we use daily, but all of these incidents confirm one thing: Just because we use popular software to do work, doesn’t mean we should trust these companies with our data.
How to Protect from Data Security Vulnerabilities
Security threats looming in the future should cause businesses to re-evaluate their software and ensure they plan ahead for future implementations to amplify safety. If you’re not a larger company that can afford to build tools in-house to ensure employee data stays secure, there are still ways to stay alert and make sure your data remains private.
1) Examine third-party privacy policies and read the fine print
As cumbersome as it can be, its critical to review third-party privacy policies thoroughly and make sure contracts align with your business privacy values. Another good indicator of a policy with potential privacy issues is one that is difficult to understand. Wording full of technical jargon juxtaposed with alarming policies should be a clear indicator of how a company will treat your data.
2) Create a privacy pledge to keep employee data safe and secure
Companies continue to monitor employees, users, and more through work software and most of the time, employees are completely unaware. Tools such as Slack, which can show when you’re on and offline and Zoom, which has new “attention tracking” features that allow employers to screenshot employees’ monitors periodically, and more can be concerning and risk your employees’ trust in your company. Most employees would agree that these are an invasion of privacy, so having a transparent privacy pledge will help make employees feel safe and will allow businesses to examine their software solutions thoroughly so that data security comes above all else.
3) Look for applications that don’t collect consumer data
It’s important to break this down further because not all apps collect data for misuse. Look into using applications that only collect data that’s necessary for the software to work effectively, but steer clear of software that needs data for other purposes. For example, if you’re using an application that will also track online activity unnecessarily, this should be a red flag and potential sign for poor privacy practices.
Data Security Vulnerabilities at an All Time High
While GDPR compliance has forced big tech companies to adhere to higher privacy and security policies, we continue to see data misuse soar throughout the pandemic. Trackers and monitoring are at a high with remote work software solutions collecting and monitoring data without our knowledge. Additionally, businesses are overlooking data security to attend to their businesses’ survival. Yet, big tech isn’t going to cease in their practices of collecting and using data for financial gain until they’re caught red-handed. Businesses must take charge of their own data security and privacy by planning in advance and investigating the software they use and what they want to use in the future.
Unless businesses take a stand against privacy misuse and work to protect their company and employees, little will change. COVID-19 has turned software security risks into a ticking time bomb with little left on the clock and attention focused elsewhere. If companies both small and large can work on taking security more seriously, we can avoid devastating breaches and security disasters for years to come.