A date with Data Dave

Is your data slipping off your security cordon?

Hop in and enjoy this journey on understanding the relevance of Data Protection and best practices in Data Protection.

Your task, should you choose to accept it, is to accompany the individual known as Data Dave.
WHO'S DAVE?
SCROLL DOWN
You see? Not even a lock on the door. How do these places stay afloat, I have no idea.
Any data customers give, they give in two ways. See those papers on the desk there? And see that open laptop on the other side? Go ahead and take a look at what they contain.
I'll now take you to meet two rather special people. These two are responsible for every customer's data here.
So you see? Your personal data is in the hands of these guys. Any employee who gets your hand-written or typed forms, or handles any kind of information about you, can be an Alan or a Sue.
Let's move on.
You saw how Okay Accounts handled data. And learned how NOT to take care of your customers' information. Let's move away from this negativity and I'll show you a decent outfit and what it does.
But before we do, remember this.
We are about to enter Safebase LLP. These guys know a thing or two about protecting their customers and themselves!
Customers trust us to protect the data they share with us, right?
And most companies say 'Yes!'
...and close the book there.
Safebase doesn't just care for its customers...
... in the process, it also takes care of itself, which is equally important.
SafeBase heads tell me of a simple (yet easily overlooked) fix they implemented. Take a look at that laptop over there to see what this fix was.
These guys know what a lot of others didn't and had to learn the hard way.
Some companies made headlines when data breaches happened. I'm sure those newspapers there have a story or two.
Safebase knows better than to have its employees talk to us. They play it really safe and close to their chest. But at least they know why customers' data has to be protected.
So, to know how to do a good job, you can always look at SafeBase.
But to learn how to do a great job of Data Protection, we need to go to the Boss; in this case, it's SecuBoss, Inc.
You are now on hallowed ground. The first thing you will learn here is how things can go wrong. And then, we look at how to protect Data.
There's a sucker born every minute. And rightfully, there are enough people wanting to bait these suckers.
There are three broad ways I can get personal data if I want to. Select each one below and you'll see what I mean.
To prevent these incidents, SecuBoss Inc. have eight simple guidelines for everyone working there. You can learn a thing or two from here. Let's step into a knowledge portal to learn more.
So you see. It is relatively simple to maintain confidentiality.
In addition, SecuBoss Inc. has three fundamentally strong measures in place.
SecuBoss knows what it's doing; and by now, you should too.
Now that your tour is done, go out there, answer a few questions and show the world a thing or two that Data Dave has taught you.
Great access control
State-of-the-Art IT Security
Comprehensive employee verification
You've completed your journey with Data Dave.
In this journey you've looked at:
  • the people who handle data
  • basic precautions to be taken when handling data
  • the consequences of not handling confidential data carefully
  • best practices in data handling

We hope Data Dave has taught you enough to give you a solid start.

I'm sure you would like to learn more about Data Handling and Protection. Go ahead! Select the button below.

Otherwise close the browser and come back another time to continue your training.

CONTINUE

All the best!

GO TO TOP
Created by EI Design | Contact Us

Manual data collection:

Data is collected manually through handwritten forms. This poor fellow here has written his entire life story in this credit card application.

Electronic data collection:

Data is more commonly collected electronically. All those online forms people fill get stored somewhere.

And displayed on this unprotected and open laptop screen, for example.

Amateurs...

I'm Sue, a Data Controller. I decide how the data will be lawfully managed, changed, updated and protected. And on minimum wage, you can bet your birth date I won't be tempted to fiddle around... too much.

Hi, I'm Alan, your friendly and "responsible" Data Processor. Can you believe that these guys trust me with your Social Security number? Anyway I'm the guy who works with your data. I manage it, I update it, and I change it if needed.

You learned who a Data Controller is and a Data Processor is. You also learned that leaving customer information lying around isn't good practice.

Even though SafeBase had a foolproof firewall installed, their users could still send attachments, including sensitive database files with customer information.

Doing something as simple as restricting email attachments to a few designated employees covered a major loophole that many companies overlook to this day.

Heartland Payment Systems Suffers Data Breach
134 Million Credit Cards Exposed
TJX's failure to secure Wi-Fi could cost over $1 Billion
Hackers May Have Stolen Info On At Least 45 Million Credit Cards
Epsilon Email Hack
Millions Of Customers' Details Stolen
At SafeBase, you learned about:
  • the repercussions of being careless about security
  • simple, common sense fixes that can go a long way to keeping data secure.

Hacking: One of the most recognized but least commonly understood methods of data breach. Involves people exploiting weaknesses in computer software and hardware to access confidential data.

Database Theft: This type of breach involves people within companies selling customer databases to unscrupulous individuals.

Social Engineering: When a malicious outsider manipulates employees or individuals and gets them to divulge confidential information, we have a data breach. Phishing attacks are good examples of such attempts.

KNOWLEDGE CHECK