If your profession requires creating, manipulating, storing, or transferring video files, end-to-end encryption is essential. Without end-to-end encryption, your video files are constantly at risk of being stolen.
Unencrypted data is at risk no matter the size of your business. Data breaches don’t just happen to big corporations like Target and Home Depot. Small businesses, including retail shops and even private medical practices, are easy targets for hackers.
Hackers know small business owners don’t always have the time or money to secure their data and that’s why data breaches are on the rise year after year. By the end of 2019, at least 7.9 billion records had been stolen including credit card numbers, login credentials, addresses, and social security numbers.
1. Encrypt data even when the law doesn’t require encryption
If you’re bound by any data privacy laws, follow those laws to the letter. Then, go a step beyond. You don’t want to risk having to explain yourself to your boss or your clients following a data breach. Whenever possible, enact the strictest data privacy protections available.
Although it’s not always required by law, sometimes encryption is the only way to protect data. If you’re not legally required to encrypt – do it anyway.
For example, data privacy in the medical field is governed by the Health Insurance Portability and Accountability Act (HIPAA). Although, congress doesn’t require electronic health records to be encrypted if it’s not reasonable to do so and an equivalent safeguard is put in place. However, encryption is so easy that it doesn’t make sense not to encrypt patient data.
Providers face dire consequences when patient data is stolen and it happens more often than you might think. Between 2009 and 2017, there were approximately 2,181 healthcare data breaches, which exposed 176 million healthcare records. If those stolen records had been encrypted, the data would have been unreadable.
2. Don’t presume hackers don’t want your videos
Hackers will take whatever data they can get. If they don’t plan to use it themselves, they’ll sell it on the black market.
Most data breaches we hear about in the news involve stolen login credentials, social security numbers, bank account numbers, and credit card information. However, data breaches also involve stolen video files.
Again, using the healthcare industry as an example, a patient might have video files of injuries in their records. Medical schools that use simulation training will undoubtedly have videos depicting student training sessions, and psychologists might have videos of confidential therapy sessions used to train new therapists.
Never leave your videos unencrypted, presuming hackers are only interested in credit card information or data they can use for identity theft.
If you use video observation in your line of work, consider upgrading to a professional system that automatically encrypts data and protects access with state-of-the-art security. The Video Audio Learning Tool (VALT) from Intelligent Video Solutions is a top pick for companies in fields that require extended security for confidential videos.
VALT is a powerful video observation system used by law enforcement, psychologists, and medical professionals to capture and store confidential interactions that require secure storage. The VALT system is also used by corporations to conduct training sessions.
3. Never access your data from a public Wi-Fi network
When you need to get some work done, it’s easy to find a coffee shop, open your laptop, and connect to the free Wi-Fi. You might not think twice about logging into your email, your company database, or even your bank account. When you’re on public Wi-Fi, that’s a bad idea.
First of all, you might not be connected to a legitimate network. When someone wants to steal data, all they need to do is sit down at a coffee shop, set up their own unsecured network, and wait for someone (you) to log on. These people will create a network ID that looks just like the legitimate network to tick people into thinking they’ve signed onto the store’s network.
Once you’ve joined the hacker’s network they can use software to record your browsing activities, including back-end URLs you might visit to access private company data. They may not be able to get your username and password if the system doesn’t make login credentials visible, but they’ll know the URL. Once they know the URL, they could start trying to crack your credentials.
4. A password-protected personal hot spot will protect your data
Instead of using public Wi-Fi to access sensitive data, get a personal hot spot if you don’t already have that capability with your smartphone. If you’re a remote employee, you can probably get your boss to pay for the hotspot and write it off as a business expense.
5. Password protect all of your devices
Using unprotected public Wi-Fi networks makes your data vulnerable. However, there are several ways your video files might get stolen outside of an unprotected network:
- Stolen phones, laptops, and computers.
- Unauthorized access to your phone, laptop, or computer.
All of your devices should be password-protected. If you have biometric security capabilities (like facial recognition or fingerprint recognition), turn those features on. Even if you never access your company’s confidential data from your phone, you might have email discussions that would expose your credentials or confidential URLs.
6. Use a password manager that doesn’t store data in the cloud
Storing data in the cloud is convenient. For example, if you have a Google account and use Chrome, you can log into your Google account on any device and have access to all of your saved passwords. This seems wonderful, but the security of all that data is completely out of your control. If the cloud provider experiences a security breach, it could lead to a data breach, which means your passwords might be exposed and exploited.
Using a password manager that stores your passwords on your local machine is your safest bet. Better yet, that login data should be encrypted in case an unauthorized person steals your device. When your password manager stores credentials locally, the only way that data can be accessed remotely is if a hacker installs malware on your device (like a keystroke logger).
A password manager is a company’s greatest defense against security threats and all employees should be required to use one. Even if your company doesn’t have a policy requiring the use of a password manager, use one anyway.
7. Never store login credentials in your browser
Long ago, login credentials saved in a browser were only stored locally on the device. Today’s browsers save login credentials in the cloud, often unencrypted, which leaves all that data vulnerable.
Instead of storing your login credentials in your browser, get into the habit of manually logging in to your accounts that house sensitive data. It’s inconvenient to do this with every account you have, but make sure you at least protect accounts with sensitive data.
8. Encrypt your video files directly
Make use of a program that will encrypt your video files directly so you don’t need to encrypt entire hard disks and drives. Most of these programs are simple to use and don’t cost very much.
The only problem is that encrypting data increases the file size. You’ll need plenty of storage space if you’re encrypting video files.
9. Hide your video files
One way to make data unnoticeable on your machine is to use a program to hide your files. Certain software can be used to create hidden volumes on your hard drive that only you know how to access.
Another option is to use software to disguise your video files as another filetype. For example, you can make your video files look like JPGs or even PowerPoint files.
10. Properly securing and encrypting your video files is essential
Regardless of the method you prefer to use, don’t skip data security essentials. If you’re in an industry dealing with sensitive information, don’t skip encryption. If you don’t have much at stake, but you might not want your video files made public, take the precautions outlined above to keep your data out of the wrong hands.
This article was originally published on readwrite.com by Mr. Frank Landman, on 21st Jan, 2020