By Colm Lennon, SitelogIQ Chief Technology Officer
Business today is more connected than ever before. We are constantly sharing sensitive information with customers, suppliers, partners, employees, and government agencies. There is an expectation on all of us that we will recognize the confidentiality and sensitivity of the data we are sharing and use the appropriate safeguards to protect it from getting into the hands of the wrong people.
At SitelogIQ, we’re committed to educating our team members and clients on what defines sensitive information and how to safeguard it. Throughout Cybersecurity Awareness Month, we are discussing social engineering red flags, how to properly handle confidential information, the dangers of insecure networks, and how to avoid credential harvesting attacks.
It is realistic, however, for some services or operations to require us to share personal information. This can include:
Personally Identifiable Information, such as email addresses, national ID numbers, and financial information
Protected Health Information, such as medical record numbers or health plan beneficiary numbers
Organizational Information, such as customer information
Classified Information, or information that has not been made public
If you are being asked to share any type of personal information or data, follow these verification steps to help ensure you’re sending the right information to a safe source:
Verify the source. Always confirm that the person who receives the data is the intended recipient (avoiding wrong email addresses, for example) and also has the authorization to access the data.
Verify the data. Sending the wrong data to the right person is no different than sending the right data to the wrong person.
Verify the method. Only transfer data via secure processes approved by our organization.
Cybersecurity Awareness Month is a great time to refresh yourself with best practices, but it’s critical to incorporate these guidelines into your every day habits when receiving, engaging, and responding to any unexpected or suspicious message – both professionally and personally. Keeping these tips and tricks in mind will help you protect your personal information and that of your organization.