Topic 1 Main issues concerning personal data, privacy and device security

When we participate in the digital world we engage with digital activities every day during which we provide personal data in order to get access to different systems and services. Our privacy is at stake each time we use an internet service and apart from our precaution we depend on the security is placed upon the devices we are using.

Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data (European Commission).

Examples of personal data

  • a name and surname;
  • a home address;
  • an email address such as name.surname@company.com;
  • an identification card number;
  • location data (for example the location data function on a mobile phone);
  • an Internet Protocol (IP) address;
  • a cookie ID;
  • the advertising identifier of your phone;
  • data held by a hospital or doctor, which could be a symbol that uniquely identifies a person.

What does privacy mean?

Our need to control what we hide and what we share extends from our very person, to our homes, businesses, communities, and governments. And because of the pervasive nature of technology, the data it produces and carries has burrowed into our lives in ways that we now take for granted (Forbes, 2019).

For years now, Internet privacy is a huge issue. Very few of us opted not to use the Internet and stay in complete anonymity, while the rest of the world chooses to think less about how much of our personal information is out there.

How much is too much, and how vulnerable we actually are due to excessive sharing of information?

Watch the following video to understand issues about privacy and data protection.

Privacy and data protection

Top Mobile Device Information Security Risks

The increased use of mobile technology in business, combined with the Bring Your Own Device (BYOD) trend, means that businesses can’t neglect mobile device security. There are many sources of risk to information security that come with the use of cellphones, tablets, and other mobile devices.

Unsafe apps. Although the mobile phone vendors try to ensure app security through requiring apps to be signed to be downloaded from the official app stores, misuse of certificates means that even apps downloaded from vendor stores or enterprise sites aren’t guaranteed to be free from malware. Even legitimate apps often request more permission than needed to perform their function, which can expose more data than necessary.

Unsafe operating systems. Large numbers of mobile devices are not kept up to date with operating system releases. Out of date operating systems mean devices are vulnerable to security threats that are patched in the later versions.

Unsafe devices. When users jailbreak or root devices, they work around the built-in restrictions of the device. While users feel that jailbreaking gives them freedom and more access to the device’s capabilities, jailbreaking also eliminates many controls that provide security.

Lost devices. Portable devices are easily lost or stolen. When an employee loses physical control of their mobile device, they also lose control of the data on that device. If the device isn’t appropriately protected with passwords and encryption, any data on that device may be exposed.

Uncontrollable users. No matter how well you publicize your safe mobile computing policies, there will be employees who find them too inconvenient to follow. Organizations need tools to enforce policies rather than relying on employees’ good will.

Lack of monitoring. The large number of mobile devices used in an organization makes monitoring and managing them difficult. It isn’t easy to understand the status of all mobile devices, users, and applications at a glance.

Variety of devices. There’s no single standard for mobile devices, especially when you allow BYOD rather than supplying the devices. Because of the variety of devices and operating systems, it’s difficult to apply controls consistently to ensure the safety of all of them.

(Source: https://www.prescientsolutions.com/blog/8-mobile-security-challenges-you-need-to-manage/)

Read REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

General Data Protection Regulation

When we use digital services to perform everyday tasks over the internet our personal data are at risk and there several matters to be considered in terms of privacy and security.