Covid-19 update: click here for information

News Technology

Tips On Protecting Your Personal Data


In today’s hyperconnected world data flows freely and opens up a wealth of possibilities to make modern life seamless thanks to the power of technology.

But your personal data has value, and if it falls into the wrong hands it can be used by fraudsters to impersonate you. Sometimes you can even be sharing data without actively realising it. 

Here at Redwood, we know the importance of security when it comes to data, and as such we have spoken with our Head Compliance, Emma Drew and our Head of IT, Dave Wickham for some tips and recommendations on how you can protect your personal data.

Why is it so important to protect data?

It’s important to protect some forms of data more than others. What we call ‘personal data’ is data which can be used to identify a living individual. There are special categories of personal data such as health information, which is deemed more sensitive. Your personal data belongs to you, and you should be aware of the information you are sharing. Social media has enormously increased the amount of personal data which is visible to others, so be careful when giving out any information online. 

What data needs to be protected?

Obviously, personal data needs to be protected, but company data requires protection as well. In essence there is very little data which does not require protecting. 

What can individuals do to protect their data? 

There are so many things that people could do, but one key tip would simply to be aware of what you are sharing. For example, on social media there will often be quizzes such as ‘find your Downton Abbey name’. Quite often the answers to the questions will be common security answers, such as your first pet’s name, the street where you grew up or your mother’s maiden name. This information can easily be collected by fraudsters to access your accounts. Before you put anything about yourself on the internet ask yourself if you are comfortable with a stranger having that information. If you’re not, then leave it well alone.

What does Redwood do to protect customers’ data?

Since its inception, Redwood Bank has invested heavily in technology and partnered with Microsoft to deliver a secure service, via a completely internet-based IT system. Security is absolutely crucial to our business. We cannot allow our systems to be compromised in any way and we have developed a robust and reliable way of working that ensures data is safe at all times.

How can businesses ensure they are protecting any data they hold?
Each business will have their own data protection policy which employees should follow. All confidential documents should be stored in a centralised secure digital platform, such as a file server or SharePoint. Policies should be in place to ensure documents classified as ‘confidential’ aren’t accidentally or intentionally leaked. It’s also a good idea to put restrictions on certain documents to prevent them from being printed.  Invest in widespread training across the business to make sure all staff understand the importance of adhering to your protocols.

What about online scams such as phishing to extract data? 

Phishing is a common type of scam used to elicit confidential, lucrative, and/or sensitive information. Most often, phishing comes in the form of emails appearing to be sent from a trustworthy company or person but containing malicious links, requests for information, or harmful attachments. Some links in phishing emails contain malware.

What is the difference between spam and phishing?

Spam is electronic junk mail or, more broadly, unsolicited sales emails. Spam differs from phishing because spam emails will not request sensitive or confidential information; they will attempt to sell you an item, service, or subscription. 
Is phishing done only through email?

No. Scammers are always evolving and taking advantage of new technology to target potential victims. Other typical forms of phishing scams include phone calls, SMS texts and social media sites to trick you into giving up sensitive and confidential information. 

How do you avoid becoming a victim of a phishing scam?

No legitimate company or person will ever request that you submit personal information, including any passwords, over email. If you receive a request in which you are asked for confidential information, do not reply or open any links or attachments. If you have any doubts about an email, call the company/individual concerned directly to verify. Be sure to call the phone number listed publicly online (if applicable). Do not use any phone numbers listed in messages sent to you.

How can I make sure my passwords are robust?

Use strong and complex passwords using a random mix of both lower and upper case letters, numbers and special characters. Don’t spell out easy to guess names such as children, pets or favourite sports teams. Make use of Multi-factor Authentication (MFA), an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN.

What other information can I look at for tips on protecting my data? 

There are a number of great resources out there which give comprehensive guidance on good practice for ensuring your data remains safe and rights. Take a look at the websites listed below as a starting point. 
Your data matters | ICO this gives individuals advice about their information rights. 
Take Five - To Stop Fraud | To Stop Fraud  a national campaign offering advice on how to avoid fraud via phone, email and online. 
Cyber Aware - NCSC.GOV.UK official government advice on staying secure online. 

Read more about cyber security here