Safeguarding Your Digital Life

With significant data breaches like Optus, Medibank and Latitude Finance making headlines in 2022 and 2023, strengthening personal cybersecurity is crucial for everyone in 2024. High-profile incidents like these underscore the growing threats we face to privacy and data security in an increasingly digital world. Just in the past few years, millions of Australians have had their sensitive personal information compromised in breaches impacting small, medium and large organisations both domestically and internationally. We all need to understand the risks and work on protecting our devices, information, and privacy in an age of growing digital threats.

Understand Australia's Privacy Laws

Australia has strict data privacy laws under the Privacy Act 1988, and its component, the Australian Privacy Principles (APPs), govern how organisations collect, use, disclose and store personal information. The Notifiable Data Breaches scheme also requires organisations to report certain data breaches. Knowing your rights under laws like the APPs is the first step.

Firstly, you have the right to know why an organisation collects your personal information and how they will use it. Organisations must clearly explain this in their privacy policy. You also have the right to access and correct any personal data an organisation holds about you. This includes being able to delete it in some cases.  

Your consent is required for collecting sensitive information, and you can opt out of direct marketing. Your data also cannot be disclosed to third parties without your permission. Furthermore, organisations must take reasonable steps to keep your personal information secure. They need to destroy or de-identify data that is no longer required. Knowing and exercising these rights as an individual is critical to maintaining control over your data.

Tailor Security for Vulnerable Groups

Specific demographics face heightened data risks. For kids, threats like cyberbullying and online grooming are urgent concerns. Parents and teachers must investigate how to implement safeguards like parental monitoring tools, safe search filters and more. Building digital literacy with kids early is vital.  Professionals face threats of hacking, especially with remote work. Ensure you know how to use company devices securely, avoid phishing scams, and follow strong password policies. Seniors also tend to be common targets for fraud and identity theft.

Tips for all of these groups include:

• Use strong and unique passwords for each account, or consider a password manager. Avoid obvious passwords like birthdays, pets or grandchildren's names.

• Enable two-factor or multi-factor authentication when available to add an extra layer of login security.

• Be wary of phishing scams by email, text or phone. Don't click suspicious links or provide info to unsolicited contacts claiming to be from financial institutions.

• Only access financial sites and accounts directly rather than via links or emails. Check the URL is legitimate.

•  Monitor account activity frequently for unauthorised transactions and report concerns straight away. Set up transaction alerts if possible.

•  Be cautious when entering card details online. Only provide these details on secured sites, starting with HTTPS.

•  Update security software regularly and use a firewall and anti-virus to protect devices. Beware of malware.

•  Avoid accessing financial information over public Wi-Fi. Use a VPN if needing to access accounts remotely.

•  Shred or safely dispose of physical documents containing personal information.

•  Be wary of calls, emails or SMS requesting personal details, account information or payments. Verify its legitimacy first.

•  Limit sharing of personal information online or via social media sites. Adjust your privacy settings.

•  Consider credit monitoring or identity theft protection services that monitor for fraud.

Develop Good Security Habits for Life

We also want to make essential security habits second nature for everyone. All of the above tips apply to everyone, including one of the most important tips - using strong, unique passwords and a password manager to help avoid account breaches. One of the issues with data leaks is the leaking of your username and passwords. Hackers will take the username (often your email address) and password and try it on multiple platforms, hoping you have reused that password. If you have, they will gain access to your accounts. They won't successfully gain access if you have a unique password for every account. It is impossible to remember a different password for every site, and it isn’t safe to have a spreadsheet or book with all your passwords (imagine if someone gets hold of it???). A password manager is the way to go, as it encrypts the passwords and usernames and will keep them safe. You must remember your master password and don’t have a master password that is used for anything else, as this is the key to your kingdom.