10 methods to preserve your personal information (PII) or sensitive data
We have personal information "PII" and sensitive data needs to be protected from malicious cyber threats. However, not everyone has the knowledge to prevent personal information from being stolen or misused when using the Internet. Organizations and businesses continuously collect, store, distribute, and collect data about PII and use it for commercial purposes from users.
10 methods to preserve your personal information (PII) or sensitive data
Everyone has personal information "PII" and sensitive data that needs to be protected from malicious cyber threats. However, not everyone has the knowledge to prevent personal information from being stolen or misused when using the Internet. Organizations and businesses continuously store, distribute, and collect data about PII for commercial purposes from users.
However, many individuals and organizations don't fully understand the consequences of data disclosure and mishandling. Therefore, this article'll provide some measures to protect you from the risks of personal information disclosure and help you protect yourself from attack networks.
Here is each protection method
1. Data encryption
If the encrypted data is in the hands of the attacker, the attacker won't know the original data information. This is an important way to prevent data loss (data loss prevention).
Data encryption protects your business from attacks that access errors in your personal or employee data. For individuals, we prevent the disclosure of personal information in order to encrypt the data. What kind of data do we need to encrypt?
- Company's proprietary data, intellectual property.
- Financial data, reports, project information, etc.
- Customer data, customer personal information.
- Data on business strategy and new products.
- User's personal data (mobile devices, personal computers, email, etc.).
- It is stored in sensitive user data (device, cloud).
2. Use a strong password
Strong passwords help prevent the risk of attacks that detect hacker account passwords (brute force or dictionary attacks). Setting strong passwords can prevent an attacker from accessing the password for an individual or organizational account, or increase the attack time of the attacker.
You will need to set strong passwords for important accounts (banks, emails, social networks) or passwords for accessing personal devices (laptops, servers, etc.). A strong password is required to protect the element.
- The minimum length is 8 characters or more.
- Includes all password elements: uppercase, lowercase, special characters, numbers.
- Do not use personal information for passwords (eg date of birth, phone number, etc.).
- Do not use the same password for multiple accounts.
- Do not use passwords that can be used in dictionaries or default passwords.
- Use a secure password manager.
3. Use two-step verification (2FA)
Two-factor authentication (2FA) or multi-factor authentication (MFA) can be used to create an additional layer to protect your account from being stolen by an attacker. If you are using 2FA, even if a "hacker" attacker obtains your account and password, the attacker will not be able to access your account. You need to enable 2FA for important accounts (banks, emails, social networks, etc.) or when accessing important servers. 2FA is installed on the user's personal device. You can use common 2FA.
- Google Authenticator
- Microsoft authenticator
4. Regularly back up your data
Regular data backups help protect your data and avoid the loss of important data. Attackers can delete data on servers or personal devices, but regular and secure backups can recover data from backup sources, reducing the risk of data loss. You need to back up your personal device (mobile, computer) data and important website data.
- Backup in the cloud (google cloud, dropbox, iCloud, etc.)
- Backup on the physical storage device
5. Safely delete personal data that is no longer used
When you delete data files, image files, or documents that contain personal data that is no longer in use, be sure to safely delete them so that your personal and sensitive data will not be disclosed or restored. Without secure deletion, an attacker could collect or recover such data.
For example, if you delete a file on a regular computer, it will be saved in the Recycle Bin. If an attacker gains access to your computer, you can recover that data.
Or, when canceling a contract, instead of putting it in a shredder, simply crush it and throw it in the trash so someone else can pick it up and read it. So you need to destroy that data altogether.
6. Regularly update the security version
Cyber attacks are becoming more and more common, and zero-day vulnerabilities are increasingly being used to attack users. Regular updates of security versions by developers allow users to avoid known attacks and reduce the risk of device attacks.
Your personal device (mobile, laptop) or server should be regularly updated to the latest version and checked regularly to ensure your safety.
7. Use secure Wifi
If you don't use your Wifi network safely, there is a high risk of information leakage. For your safety, use Wifi only if you know the source.
Wifi can be hacked and eavesdropped on by hackers (man-in-the-middle) and user data can be stolen, so websites with personal, confidential, or monetary transactions using free or public Wi-Fi Avoid accessing.
In addition, the device may connect automatically and set up insecure Wifi without a password. Turn off the automatic Wifi connection on your mobile device or laptop.
8. Use VPN service
VPN services help you securely encrypt your data while you are accessing the Internet. Therefore, your data will be protected even if you are using wifi-public or something that is not secure.
You should choose to use a secure and reliable VPN service. Avoid using insecure, free VPN services, as the data can be completely decrypted if the VPN provider is unintentional.
9. Access only sites that use HTTPS
Visiting a website without encryption (HTTP) can be attacked by interception attacks, which can reveal your personal data. When accessing payment sites, websites that include personal accounts should check the following factors: Your website has the correct domain name and you must use HTTPS.
Many phishing attacks spoof websites (same appearance, different domain names) that can cause users to lose their personal and bank accounts.
Therefore, when you visit the website, you should carefully check your domain name and certificate to make it accessible to the official website.
10. Beware of Shoulder Surfing and Dumpster Diving attacks
It is a form of attack that does not use computer technology, but it uses a form entirely from humans and attacks people for information.
Shoulder Surfing: When typed on your cell phone or computer keyboard, the attacker will stand behind you and look over your shoulder to snoop on the information you entered to steal.
Dumpster diving: Documents dumped in the Unbroken Information Trash can be picked up by an attacker and collect the information contained therein.
11. Lock your device when not in use
Locking your personal device when not in use or when you are out is a safety precaution. Prevents others from accessing our computer.
You should lock the device as soon as you go out, or set it to lock automatically after about 1-5 minutes of inactivity, depending on your requirements. This not only helps prevent access to the device but also protects it from other risks when others access the device.
12. Securely access your account on public devices
The use of public computers with many potential risks in accessing personal information, these machines install spyware, viruses, keyloggers to record keystrokes and access browser data to access the data. You can steal it. Therefore, do not use public computers to access your personal or bank account.
If you need to log in to your account on a public device where you can install antivirus software, do not use your secret browser to save your history. Be sure to log out of your account when you are not using it. Always be especially careful of spyware and viruses.
13. Install antivirus software and malware on your device
Install antivirus software and malware on your mobile device, laptop, or computer to prevent the risk of malicious software attacks, website access, file downloads, and file execution virus attacks.
Use safe and reliable antivirus software: Kaspersky, Bitdefender, Window Defender, etc.
14. Always read the information gathering policy carefully
You should carefully read the information collection policies of your website or mobile application to avoid unauthorized access or collection of your sensitive or sensitive data.
If you read and only fully understand what your application or website collects or processes personal data, use and accept it.
The above are some measures to protect your personal data from the risk of information disclosure attacks. The measures may not be perfect, but applying all or most of the above measures will give you the peace of mind that your personal data will be protected from cyberattacks.
Consciousness is a decisive factor, so always be vigilant when accessing the Internet and actively accumulate knowledge to protect yourself and those around you.
If you are considering offshore development, please feel free to contact us.
※Here is our contact information.
Account Manager: Quan (Japanese/English available)
Phone number: (+84) 2462 900 388
Please feel free to contact us for consultation/application by phone.