NPC reminds Business and Government Agencies to Secure Data Processing Systems and for Individuals to be Safe Online for Holy Week
The National Privacy Commission (NPC) issued an advisory for Data Protection Officers (DPO) reminding them to secure data processing systems for the upcoming Holy Week long weekend, in order to prevent the duplication of the COMELEC data breach which happened during Holy Week 2016.
In the memorandum addressed to Data Protection Officers, the NPC recommended the following:
- Place non-mission critical systems off-line especially those that contain or have access to personal data.
- For systems that are kept off-line, ensure that all system activities are recorded and the aforementioned logs are secure.
- Password protect or encrypt files and databases on servers, desktop computers and other devices.
- Conduct a backup of systems and databases.
- Information Security team needs to retain the ability to remotely monitor systems and be ready respond to any unusual activity.
- Discourage physical breaches by securing office premises adequately.
“The banking sector is also vulnerable, the Bangladesh bank heist of 2016 also happened on a long weekend (Chinese New Year), the economic significance of the financial sector is the reason why we are looking to have a general assembly of DPOs from the finance and banking sector next,” Commissioner Liboro added.
Early this month the NPC held the first general assembly of DPOs in Government (DPO1) and launched its newwebsite complete with information and tools for DPOs to help in complying with the country’s data protection and privacy laws.
Data Protection for individuals
For individuals going on the road for the holidays, Privacy Commissioner Liboro recommends doing the following data protection measures for their devices:
1. Double-check if your laptop or mobile phone have been updated with the latest security patches
‘Being on the road or away from your home network would mean that data connectivity would be slow and quota is very limited, and so you won't be able to do this reliably”
2. Make sure your personal and work data are backed up securely
“As history have shown in a dramatic fashion, both in Bangladesh central bank and COMELEAK incidents were done during long holidays, as this is a preferred time for criminals to act online.”
3. Turn off your home network router if nobody is going to be left at home
“Powered-off devices, not just home appliances will not only save you money from unnecessary electricity consumption, but also deny criminal an avenue to attack your home remotely.”
4. Be aware of Phishing scams and Fake websites
“Users need to be vigilant of emails and fake websites that aim to extract log-in credentials from unwary users. There has been an increase in these, and users need to be cautious in accessing their accounts from their own devices and most especially from shared devices”