The National Privacy
Commission (NPC) is reminding public and private offices to be extra vigilant
against hackers and data thieves this Lenten break.
NPC chair Raymund Liboro said
Personal Information Controllers (PICs), Personal Information Processors (PIPs),
and Data Protection Officers should ensure personal information under their
organization’s care are safeguarded from potential cybersecurity attacks, the
likelihood of which may increase during long holidays.
“Digital and physical break-ins
are more likely to occur during long breaks when there’s minimal staffing in
offices,” Liboro warned. “The use of strong passwords is essential in protecting
personal information from malicious intentions. One precaution that PICs, PIPs,
and DPOs should do during the long break is password-protect or encrypt files
and databases on servers, computers, and other devices in their organization. If
necessary, change passwords.”
The agency made the following
Place non-mission critical systems off-line, especially those that contain or have access to personal data.
For systems that are kept off-line, make sure that all system activities are recorded, and the logs are secure.
Conduct a backup of files (digital and non-digital), systems (e.g. server access, files, logs), and databases. If possible, do not bring them outside the office such as in portable devices.
Ensure that respective workstations are shut down properly and electrical connections are cut off accordingly.
Discourage physical security breaches by securing office premises adequately. Keep personal valuables safe.
Make sure all physical documents containing personal information are secure in locked file cabinets.
Log out all accounts in computers.
Ensure that proper system updates are done to ensure that your system and even computers are protected from threats and possible attacks.
Ensure that appropriate intrusion detection systems (e.g. firewall, anti-virus) are in place and properly working.
Ensure that the organization has a response and recovery plan that would be useful in times of emergencies, disasters, or even system attacks.
Ensure that the employees are reminded and/or educated regarding the organization’s security measures that must be observed (e.g. accessing work documents outside the office premises).
We strive to bring to local readers all the ICT news and product information relevant to the Philippines. We seek to cover the whole ICT spectrum — from consumer to the enterprise. READ MORE ABOUT NEWSBYTES.PH