WatchGuard Blog

Data protection: stricter rules call for an advanced security posture

Data privacy is still unfinished business for many companies. With data privacy laws expanding and tightening globally, compliance has become a complicated process that affects all areas of an organization. Gartner predicts that by 2024, 75% of the world's population will have their data covered by some privacy regulation. 

The landscape of global privacy legislation has changed significantly since Data Privacy Day was created in 2007. Comprehensive laws such as GDPR, CCPA, and LGPD impose strict requirements on companies and grant new rights to individuals. Every January 28 we celebrate Data Privacy Day, an opportunity for organizations and individuals to raise awareness about privacy and data protection, share best practices in cybersecurity to enhance protection, and discuss why privacy matters. 

How can I celebrate Data Privacy Day? 

Cybersecurity education for users is a key link in the chain. At WatchGuard, we have published many articles that can be used as guides to adopting security habits that help us protect our privacy. Check out our Personal Data Protection Commitment and add the following recommendations: 

  • Click here: be aware of where you’re clicking, especially on links or attachments in SMS messages or emails. 

  • Use a VPN to add an extra layer of security between your device or computer and the Internet. 

  • Keep software updated regularly to avoid security breaches. 

  • Use a trusted DNS to ensure that the information you receive from the Internet is secure. 

  • Delete cookies from significant web browsers. Cookies can pose a privacy risk because of the amount of information they can contain, such as personal identification, to help fill out forms automatically in browsers. If you prefer to protect your privacy regarding cookies, you may want to delete them. 

  • Use a password manager to create unique passwords and ensure the privacy of your digital identity. 

  • Enable multi-factor authentication (MFA), making it compulsory to identify yourself through multiple verification steps and credentials to access data. 

How can your company celebrate Data Privacy Day? 

According to data revealed in Industry Today, by September 30, 2022, 92% of companies were still unprepared to comply with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), and 91% were unprepared for the General Data Protection Regulation (GDPR). And large companies are no strangers to these percentages. The third quarter of 2022 saw the first enforcement of the CCPA, with a $1.2 million fine imposed on retailer Sephora for selling consumer’s personal information to online tracking companies without their consent. In addition, earlier this year, Facebook's parent company, Meta, was ordered to pay two fines: the first, €210 million ($222.5 million) for GDPR violations, and the second, €180 million, related to Instagram violations of the same law. Combined, the penalties amount to €390 million ($414 million). These financial and reputational consequences are attributable to all types and sizes of companies.  

Preparing for existing and incoming data protection regulations may seem impossible. However, there are some recommendations you can follow that can make compliance easier:  

  • Identify which regulatory frameworks affect a company, so that security managers can decide which solutions are needed to meet the regulations. 

  • Conduct a risk assessment to identify holes in your security posture, understand your current security processes, and prioritize their resolution if any gaps exist based on how serious they are.  

  • In addition, drawing up a roadmap with the steps to take at each stage according to the priorities identified in the risk assessment is essential. 

  • Performing backups. Backups protect companies against data leaks, data loss, corrupted data, and other loss-related problems. 

  • Training employees on data protection is essential, as it is the way to ensure that human error does not interfere with the company's compliance. 

Data Privacy Day represents an opportunity for organizations and individuals to raise awareness about privacy and data protection, share best practices and discuss why privacy matters. At WatchGuard, we encourage you to follow these best practices and provide you with all the information and the appropriate cybersecurity solutions for compliance with data protection. Check out here key regulations to review and protect your regulations to protect your data 365 days a year.

And if you are still looking for more information on Data Protection, don't miss out on:

- Webinar Back to basics: All that you need to know about securing your busines

Are You in Control of Your Personal Information?