Warmer weather and sunshine are finally here, and the tax filing deadline is – thankfully – behind us. Chances are that your seasonal chores include a spring cleaning. The National Cyber Security Alliance (NCSA) and the Better Business Bureau (BBB) have teamed up to remind everyone that when clearing out clutter, don’t forget about the critical need to take action and protect your volumes of valuable information. Whether you are tidying up your home or sprucing up your office space, everyone needs to spend a few minutes to help keep personal online data more secure. Taking some simple, proactive steps will go a long way in safeguarding you against any number of potentially disruptive issues – like identity theft, loss of funds or credit card fraud – that can cause mayhem by compromising your data. Take the time to put into practice a few precautionary measures and you will have greater peace of mind – not only this spring but all year round.
NCSA and BBBs nationwide are encouraging everyone to follow our top three “take-action tips” and enjoy the benefits of the internet. In addition, to assist in the safe disposal of electronically stored data – like past tax returns – be sure to participate in BBB’s Secure Your ID Day or other “shred day” events in your area.
Digital Spring-Cleaning Take-Action Tips:
- Lock Down Your Login: Both at home and at work, security is critical to protecting highly personal accounts. One of the first things everyone needs to do is ensure that passphrases are lengthy, unique and safely stored. In addition, it is essential to fortify accounts by adopting strong authentication, which adds another layer of protection.
- Update Your System and Software: Don’t procrastinate any longer! Having the latest updates, security software, web browser, and operating system is one of the easiest ways to keep devices secure and protect data. This simple “digital to do” is a must to help keep cybercriminals at bay.
- Back It Up: Protect your personal and workplace data by making electronic copies – or backups – of your most important files. Whether it’s family photos, health records or employee contacts, back up your files this spring and set a schedule to do so regularly throughout the year.
In addition to following the above-listed tips, NCSA has created a comprehensive listing of reminders and best practices that will assist SMBs in establishing, updating and communicating policies and procedures around many topics like bring your own devices (BYOD), record retention, etc. It is also imperative that a cybersecurity strategy is in place and utilized by all employees.
Here are the BBB’s user-friendly guidelines to help you with the safe disposal of electronically stored data. Be sure to prep your data in advance of participating in BBB’s Secure Your ID Day or other shredding events. Know what devices to digitally “shred”: Computers and mobile phones aren’t the only devices that capture and store sensitive, personal data. External hard drives and USBs, tape drives, embedded flash memory, wearables, networking equipment, and office tools like copiers, printers and fax machines all contain valuable personal information and stored images.
- Clear out stockpiles: If you have a stash of old hard drives or other devices – even if they’re in a locked storage area – information still exists and could be stolen. Don’t wait: wipe and/or destroy unneeded hard drives as soon as possible.
- Empty your trash or recycle bin on all devices, and be certain to wipe and overwrite: Simply deleting and emptying the trash isn’t enough to completely get rid of a file. You must permanently delete old files. Use a program that deletes the data, “wipes” it from your device and then overwrites it by putting random data in place of your information ‒ which then cannot be retrieved.
- Various overwriting and wiping tools are available for electronic devices. For devices like tape drives, remove any identifying information that may be written on labels before disposal and use embedded flash memory or networking or office equipment to perform a full factory reset and verify that no potentially sensitive information still exists on the device.
- Decide what to do with the device: Once the device is clean, you can sell it, trade it in, give it away, recycle it or have it destroyed. Note the following:
- Failed drives still contain data: On failed drives, wiping often fails, too; shredding/destruction is the practical disposal approach for failed drives. Avoid returning a failed drive to the manufacturer; you can purchase support that allows you to keep it – and then destroy it.
- To be “shredded,” a hard drive must be chipped into small pieces: Using a hammer to hit a drive only slows down a determined cybercriminal; instead, use a trusted shredding company to dispose of your old hard drives. Device shredding can often be the most time- and cost-effective option for disposing of a large number of drives.
BBB.org/Secure-Your-ID-Day: information on shredding events and tips on what to save and for how long.
BBB.org/Cybersecurity for “5 Steps to Better Business Cybersecurity.”
StaySafeOnline.org for tips from the National Cyber Security Alliance.
IdentityTheft.gov for a customized recovery plan if you have been the victim of identity theft.
Internal Revenue Service advice for taxpayers to protect personally identifiable information (PII) that can be used for identity theft.