Privacy Commission issues guidelines to prevent data compromise this Undas 2019

The National Privacy Commission (NPC) advises Filipinos observing All Saints’ Day and All Souls’ Day to take preventive security measures to avoid compromising data on their device and data systems.

For travelers, something as simple as avoiding the use of a public charging station will help keep their devices and personal data safe. In the absence of a portable powerbank, the NPC says that the plugging of mobile devices into a power outlet through an AC adapter remains the safest option.

Have you read “NPC shuts down 26 online lending companies”?

When connecting to free public Wi-Fi, make sure your VPN is active. It would also be best to visit only encrypted websites or those with HTTPS at the beginning of the URL.

“Practice informed discernment when deciding what to post online and what to keep safely private. For example, posting a photo of your boarding pass or passport can make you vulnerable to financial theft and identity fraud,” said Commissioner Raymund Enriquez Liboro.

Data protection officers (DPOs), personal information controllers (PICs), or processors (PIPs) in both the public and private sector are advised to ensure there’s adequate security for their data systems.

Here are the NPC’s recommended actions for DPOs:

  • Place non-mission critical systems off-line, especially those that contain or have access to personal data.
  • For all systems, whether online or offline, ensure that all system activities are kept secured.
  • Ensure to back up your data (both physical and digital). It is critical to have backups as it may be the best way to recover data when an incident occurs.
  • Ensure that workstations are properly managed and accounted for.
  • Implement physical security measures to prevent unauthorized access. Keep personal valuables safe.
  • Make sure all physical documents containing personal information are secured in locked file cabinets.
  • Log out of all your accounts when not needed.
  • Ensure that proper system updates are done to ensure that your system and even computers are protected from threats and possible attacks.
  • Ensure that appropriate intrusion detection systems (e.g. firewall, anti-virus) are in place and properly working.
  • Ensure that the organization has a response and recovery plan that would be useful in times of emergencies, disasters, or even system attacks.
  • Ensure that the employees are reminded and/or educated regarding the organization’s security measures that must be observed (e.g. accessing work documents outside the office premises).
  • For teleworking or organizations implementing “work from home” during this holiday, just make sure you have a secure connection.