In 2008, Data Privacy Day started as an extension of Europe’s Data Protection Day, which commemorates the signing of Convention 108. This year, the National Cybersecurity Alliance (NCA) established Data Privacy Week to empower individuals and businesses to respect privacy, safeguard data and enable trust. Plus, data privacy is so important that it needs more than just a single day of discussion!
Devo takes the data privacy of its customers and employees very seriously, which is why we became a Data Privacy Week Champion this year. We’re taking this week to reinforce data privacy best practices because we understand the critical need to be open and honest about how we collect and store information. Data Privacy Week is the perfect opportunity for every security team across every industry to refresh their peers, too, so here are my tips for reinforcing good data privacy processes.
Help Employees Understand Data Privacy and Conduct a Data Check-Up
The NCA provides several resources on communicating with your organization’s employees about data privacy and what it encompasses. This infographic on helping employees understand data privacy is insightful, and we echo many of the NCA’s recommendations internally here at Devo. As the NCA notes, most employees aren’t privacy or security experts as we are. The CISO team needs to make it easy for them to report privacy or security concerns to us. At Devo, we have a specific tool employees can use to report a suspected phishing email. We’ve also created open lines of communication with everyone by establishing a security-specific Slack channel.
The CISO team also recognizes that our employees are inundated with tons of emails and messages, so when we need to communicate about critical security updates, we adhere to the KISS model — keep it simple, stupid! The more concise the notification, the more likely employees are to pay attention and take the necessary actions.
We also proactively educate our employees on managing their privacy settings across the online accounts and platforms they use in their day-to-day routines. The NCA has a great library of resources for this, as well. In a work setting, it’s particularly important that employees continuously review and manage the privacy settings on their email, online conferencing tools, search engines, and any other online tools or platforms they use for work. Proactively guiding employees on executing these checks and balances can go a long way toward ensuring their data isn’t inadvertently breached.
Make Data Privacy Personal
Information is much more likely to stick when employees can personally connect to it. So, while it’s great to reiterate data privacy best practices for the workplace, employees may be more inclined to pay attention if they also receive information on protecting their family data. Many employees have partners or children they’d like to keep safe online! The NCA has curated resources on raising privacy-savvy kids in today’s digital world. And this panel discussion from StaySafeOnline.org is another great resource, as it provides informative recommendations for protecting home devices. This is especially relevant as more organizations shift to a hybrid work model. Our CISO team can better engage employees on data privacy issues by providing them with this more personally relevant information. Otherwise, employees could easily overlook our message.
Data Privacy Week is a great time to open a dialogue and remind your colleagues they may need to fortify their online presence. At Devo, we’re taking advantage of the awareness week and the resources generously provided by the NCA. We hope this encourages you to take proactive steps to communicate the importance of data privacy in your workplace, too!