NPC advisory: Secure data systems before taking Holy Week break | Inquirer Technology

NPC advisory: Secure data systems before taking Holy Week break

By: - Reporter / @JeromeAningINQ
/ 06:14 PM April 11, 2017

(File photo from AP)

(File photo from AP)

The National Privacy Commission (NPC) reminded business and government agencies on Tuesday to secure data processing systems before going on their Holy Week break,

Netizens should also be alert and be mindful online safety during the long weekend, the NPC added.

Article continues after this advertisement

In a statement, NPC Chairman Raymund Liboro likened the protection of personal data during long holidays to securing one’s home when leaving for an out of town trip.

FEATURED STORIES

“When one leaves for a long vacation or when you leave home for a long period of time unattended, you make sure that security precautions are in place to ensure that break-ins do not happen,” Liboro said. “The same way our DPO’s should safeguard their information technology (IT) systems as well as ensure that adequate physical security are in place during times of minimal staffing.”

The commission issued an advisory for data protection officers (DPOs)reminding them to secure data processing systems for the Holy Week long weekend to prevent a data breach similar to what happened to the Commission on Elections during the Holy Week last year.

Article continues after this advertisement

The minimal staffing during the Holy Week makes data processing systems vulnerable not only to online data breaches but to physical security breaches as well.

Article continues after this advertisement

In its memorandum, the NPC recommended that DPOs place non-mission critical systems off-line, especially those that contain or have access to personal data.

Article continues after this advertisement

For systems that are kept off-line, DPOs should ensure that all system activities are recorded and the logs are secure.

DPOs were also advised to protect desktop computers and other devices with passwords, encrypt files and databases on servers, and conduct a backup of systems and databases.

Article continues after this advertisement

Information security teams also need to need to retain the ability to remotely monitor systems and be ready respond to any unusual activity.

IT centers should also be able to secure their premises adequately to discourage physical breaches.

Liboro said the banking sector might also vulnerable. He noted that the Bangladesh bank heist of 2016 also happened on a long weekend, during the Chinese New Year.

“The economic significance of the financial sector is the reason why we are looking to have a general assembly of DPOs from the finance and banking sector next,” Liboro added.

For individuals going on the road for the holidays, Liboro recommended several data protection measures for their devices. He said they should double-check if their laptops or mobile phones had been updated with the latest security patches.

“Being on the road or away from your home network would mean that data connectivity would be slow and quota is very limited, and so you won’t be able to do this reliably,” the commissioner said.

Gadget and laptop owners should also make sure their and work data are backed up securely.

“As history has shown in a dramatic fashion, both in Bangladesh central bank and Comeleak incidents were done during long holidays, as this is a preferred time for criminals to act online,” Liboro said.

If nobody will be left at home, the network router must be turned off.

“Powered-off devices, not just home appliances, will not only save you money from unnecessary electricity consumption, but also deny criminal an avenue to attack your home remotely,” Liboro said.

The commissioner also reiterated warnings about phishing scams and fake websites.

“Users need to be vigilant of emails and fake websites that aim to extract log-in credentials from unwary users,” he sai.d “There has been an increase in these, and users need to be cautious in accessing their accounts from their own devices and most especially from shared devices.”

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

The NPC is a regulatory and quasi-judicial body created in March 2012 by the Data Privacy Act of 2012 (Republic Act No. 10173). The agency is mandated to uphold the right to data privacy and ensure the free flow of information, with a view to promoting economic growth and innovation. /atm

TOPICS: Cybersecurity, Internet security, National Privacy Commission, Raymund Liboro
TAGS: Cybersecurity, Internet security, National Privacy Commission, Raymund Liboro

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our newsletter!

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

© Copyright 1997-2024 INQUIRER.net | All Rights Reserved

This is an information message

We use cookies to enhance your experience. By continuing, you agree to our use of cookies. Learn more here.