A “Digital Spring Cleaning” with simple, actionable steps will help both consumers and small businesses protect valuable information from getting into hackers’ hands.
WASHINGTON, D.C., April 16, 2019 – Warmer weather and sunshine are finally here, and the tax filing deadline is – thankfully – behind us. Chances are that your seasonal chores include a spring cleaning. The National Cyber Security Alliance (NCSA) and the Better Business Bureau (BBB) have teamed up to remind everyone that when clearing out clutter, don’t forget about the critical need to take action and protect your volumes of valuable information. Whether you are tidying up your home or sprucing up your office space, everyone needs to spend a few minutes to help keep personal online data more secure. Taking some simple, proactive steps will go a long way in safeguarding you against any number of potentially disruptive issues – like identity theft, loss of funds or credit card fraud – that can cause mayhem by compromising your data.
“Whether you are running a household or a company, today everyone is non-stop busy – juggling schedules, activities and deadlines. Our ‘always-on’ lives require that we take simple, actionable steps to stay safer online,” said Kelvin Coleman, NCSA’s executive director. “If you are a business leader, it makes good sense to make this a priority – both for you and your customers. Think about your valuable data – photos, videos, and confidential contacts along with highly sensitive financial and health records – which could potentially get into the wrong hands. Take the time to put into practice a few precautionary measures and you will have greater peace of mind – not only this spring but all year round.”
NCSA and BBBs nationwide are encouraging everyone to follow our top three “take-action tips” and enjoy the benefits of the internet. In addition, to assist in the safe disposal of electronically stored data – like past tax returns – be sure to participate in BBB’s Secure Your ID Day or other “shred day” events in your area.
“Safeguarding your personal information is one of the best ways to reduce the risk of identity theft,” said Katherine Hutt, BBB national spokesperson. “It’s important to safely store needed paper records and to shred what you no longer need. The same is true for your digital information. Most of us don’t do everything we can to protect our key data, but once you have a good system in place, it’s much easier going forward to keep your information secure and to properly dispose of old data you no longer need. Check with the BBB to see if there is a shred day event near you.”
- Lock Down Your Login: Both at home and at work, security is critical to protecting highly personal accounts. One of the first things everyone needs to do is ensure that passphrases are lengthy, unique and safely stored. In addition, it is essential to fortify accounts by adopting strong authentication, which adds another layer of protection.
- Update Your System and Software: Don’t procrastinate any longer! Having the latest updates, security software, web browser, and operating system is one of the easiest ways to keep devices secure and protect data. This simple “digital to do” is a must to help keep cybercriminals at bay.
- Back It Up: Protect your personal and workplace data by making electronic copies – or backups – of your most important files. Whether it’s family photos, health records or employee contacts, back up your files this spring and set a schedule to do so regularly throughout the year.
In addition to following the above-listed tips, NCSA has created a comprehensive listing of reminders and best practices that that will assist SMBs in establishing, updating and communicating policies and procedures around many topics like bring your own devices (BYOD), record retention, etc. It is also imperative that a cybersecurity strategy is in place and utilized by all employees. Download NCSA’s Digital Spring Cleaning Checklist for SMBs.
Here are the BBB’s user-friendly guidelines to help you with the safe disposal of electronically stored data. Be sure to prep your data in advance of participating in BBB’s Secure Your ID Day or other shredding event. Know what devices to digitally “shred”: Computers and mobile phones aren’t the only devices that capture and store sensitive, personal data. External hard drives and USBs, tape drives, embedded flash memory, wearables, networking equipment and office tools like copiers, printers and fax machines all contain valuable personal information and stored images.
- Clear out stockpiles: If you have a stash of old hard drives or other devices – even if they’re in a locked storage area – information still exists and could be stolen. Don’t wait: wipe and/or destroy unneeded hard drives as soon as possible.
- Empty your trash or recycle bin on all devices, and be certain to wipe and overwrite: Simply deleting and emptying the trash isn’t enough to completely get rid of a file. You must permanently delete old files. Use a program that deletes the data, “wipes” it from your device and then overwrites it by putting random data in place of your information ‒ which then cannot be retrieved.
- Various overwriting and wiping tools are available for electronic devices. For devices like tape drives, remove any identifying information that may be written on labels before disposal and use embedded flash memory or networking or office equipment to perform a full factory reset and verify that no potentially sensitive information still exists on the device.
- Decide what to do with the device: Once the device is clean, you can sell it, trade it in, give it away, recycle it or have it destroyed. Note the following:
- Failed drives still contain data: On failed drives, wiping often fails, too; shredding/destruction is the practical disposal approach for failed drives. Avoid returning a failed drive to the manufacturer; you can purchase support that allows you to keep it – and then destroy it.
- To be “shredded,” a hard drive must be chipped into small pieces: Using a hammer to hit a drive only slows down a determined cybercriminal; instead, use a trusted shredding company to dispose of your old hard drives. Device shredding can often be the most time- and cost-effective option for disposing of a large number of drives.
NCSA urges SMBs nationwide to learn more about online safety with via CyberSecure My Business™. The program ‒ of which FedEx is a Founding Partner, Trend Micro is a Signature Sponsor and Infosec is a Contributing Sponsor – was created to help protect the SMB community’s cybersecurity. It does so by offering free interactive training workshops, webinars and monthly newsletters summarizing recent hot topics.
Receive the latest cybersecurity news and resources for small businesses by signing up for the CyberSecure My Business™ Newsletter.
Virtual Event and Resources
#ChatSTC Twitter Chat: Freshen Up Your Online Life with a Digital Spring Clean!
Thursday, April 18 at 3 p.m. EDT/Noon PDT
In this #ChatSTC we’ll share tips to help tidy up your home or work office space and freshen up your digital security.
- BBB – Check out org/Secure-Your-ID-Day for more information on shredding events and tips on what to save and for how long. Businesses should check out BBB.org/Cybersecurity for “5 Steps to Better Business Cybersecurity.”
- NCSA – Check your privacy settings.
- NCSA ‒ Keep a clean machine! Use these free security checkups to learn how
- The Federal Trade Commission has additional resources that may be helpful:
- Although tax season is behind us, the Internal Revenue Service also offers the following advice for year-round safety:
- Taxpayers need to be proactive in protecting their personally identifiable information (PII) that can be used for identity theft.
- Employers should take extra precautions to protect their employees’ PII from scammers.
- Tax preparers should also take steps to protect their customers’ data.
- The IRS has seen a surge in phishing scams related to tax season. Don’t take the bait.
NCSA is the nation’s leading nonprofit, public-private partnership promoting cybersecurity and privacy education and awareness. NCSA works with a broad array of stakeholders in government, industry and civil society. NCSA’s primary partners are DHS and NCSA’s Board of Directors, which includes representatives from ADP; American Express; Bank of America; CDK Global, LLC; CertNexus; Cisco; Cofense; Comcast Corporation; Eli Lilly and Company; ESET North America; Facebook; Google; Infosec; Intel Corporation; Marriott International; Mastercard; Microsoft Corporation; Mimecast; NXP Semiconductors; Proofpoint; Raytheon; Symantec Corporation; Uber: U.S. Bank; Visa and Wells Fargo. NCSA’s core efforts include National Cybersecurity Awareness Month (October); Data Privacy Day (Jan. 28); STOP. THINK. CONNECT.™, the global online safety awareness and education campaign co-founded by NCSA and the Anti-Phishing Working Group with federal government leadership from DHS; and CyberSecure My Business™, which offers webinars, web resources and workshops to help businesses be resistant to and resilient from cyberattacks. For more information on NCSA, please visit staysafeonline.org/about-us/overview/.
For more than 100 years, Better Business Bureau has been helping people find businesses, brands and charities they can trust. In 2018, people turned to BBB more than 173 million times for BBB Business Profiles on more than 5.4 million businesses and Charity Reports on 11,000 charities, all available for free at BBB.org. The Council of Better Business Bureaus is the umbrella organization for the local, independent BBBs in the United States, Canada and Mexico, as well as home to its national and international programs on dispute resolution, advertising review and industry self-regulation.