INTRODUCTION

In today’s digital age, where data is generated and collected at an unprecedented rate, data security

become increasingly important.With the widespread use of social media, e-commerce, and other online

platforms, people are entrusting their personal information to various organizations.However, this trend

has also led to an increase in data breaches and cyber-attacks, highlighting the need for robust data

security measures.In 2024, the importance of a data security strategy cannot be overstated. Statistics

show that data breaches continue to be a major threat, with the number of records exposed reaching a

staggering 22 billion from more than 4,100 data breaches.Additionally, studies indicate that consumers

are increasingly concerned about their privacy, with over 80% of respondents in a recent survey

expressing worries about their personal data being shared without their consent.These numbers make it

clear that data security is critical in ensuring the safety and trust of individuals and organizations

alike.Almost no data is safe today due to unfettered surveillance of the internet. Mobile networks, apps,

e-mails, social media, search engines -- all internet-related services keep track of our activities.

Knowingly or unknowingly, we are forced to be tracked by these institutions. Protecting personal data is

essential to stay safe in an online world. These institutions are constantly violating human rights such as

the right to personal data privacy.We create a constant stream of information in our daily lives.
 Importance of Securing Data Online

Never before have we seen a world where everyone’s information is saved online in places like banking

apps, social media platforms, and shopping websites. There are so many avenues for cybercriminals to

get ahold of information, yet everyone is still required to input at least some personal data if they want

to perform most online actions. As we get further entrenched in online life, read below to see the many

reasons why it is so important to have data security in a digital world.

Guard Sensitive Information

One thing that is almost a requirement online these days is giving websites your first name, your last

name, and your email just to set up an account or a profile. That means that this information is out there

for people to see. Many people struggle with being bombarded with spam emails because they have

had their email online for a long time and many people have had access to it over the years. When it

comes to more sensitive information like credit card numbers and home addresses, it is important to

make sure that data is secure if you ever have to input it to make a payment or create an account. A

good way to protect this sensitive information is to triple-check that the websites you are visiting are

legitimate and have a system in place to safeguard your data. Many checkout processes nowadays

require multi-step authentication so you have to put in your security code and possibly also be sent an

authentication code to your phone number or email. These security measures have helped a lot in the

efforts to keep sensitive information private from the open web.

Prevent Identity Theft

Since the advent of the internet, hackers have been devising ways to find out information about internet

users and use it to steal their identity. People do this for many reasons including trying to use credit
cards under another person’s name, draining bank accounts, and using another person’s name to get

prescription drugs to name a few.

Legal Regulations

With the increased reach of the internet in the modern world, there is not a country on earth where

there is not some kind of access to it. As the internet becomes more integral in the functions of daily life,

many nations have passed laws and regulations to protect the rights of individuals and their personal

data. In many places, this now means that organizations and companies that run websites have to enact

some kind of system that will protect the privacy of their customers from internet trolls. These

regulations that have popped up in recent years have helped to reduce the amount of data leaks and

have given everyday citizens more peace of mind when they interact with organizations online

Avoid Financial Loss: When people think about their data security, the first thing that usually comes to

mind is whether a hacker can access their money and take it. Data security is so important because

people who get their identity stolen or have their account numbers leaked can sometimes lose

everything. Identity thieves who manage to get access to savings accounts usually drain them as fast as

they can so that they can leave as little trace as possible. This is why making sure that every time you

enter your information into an online platform you must check that it is secure or has some kind of

encryption technology to hide your information from prying eyes.

Protect Intellectual Property

Nowadays many people write books, create ideas, and invent new things on the internet instead of

using pen and paper. This means that many creatives have their whole livelihoods on their computers.

To protect their intellectual property, many people install cybersecurity programs on their devices so
that they can work away without the fear that someone is going to come and steal it and make millions

of their ideas.

Acknowledging the threats

Ransomware: Ransomware is a major threat to data in companies of all sizes. Ransomware is malware

that infects corporate devices and encrypts data, making it useless without the decryption key. Attackers

display a ransom message asking for payment to release the key, but in many cases, even paying the

ransom is ineffective and the data is lost.

Malware and Viruses

Malware, also known as malicious software, is a broad category that includes multiple types of

software designed to harm computer systems. This includes various variants such as spyware,

viruses, and ransomware, which can contribute to a data breach. Malware refers to code created

by cyber attackers intending to damage or gain unauthorized access to a system or data. Malware

is activated by clicking on an attachment or malicious link. Once activated, malware can cause a

variety of harmful actions:

Phishing Attacks

Phishing attacks are fake communication methods with the wrong intent. Users often receive these

as emails depicting sent from a trusted source. The components are a set of instructions asked for

the receiver to follow. The actions may include revealing confidential information like credit card

numbers, login information, CVV and other similar details. The messages or communication

method may also contain links that can compromise the data on clicks.
Social Engineering

Social Engineering is a well-thought and researched attack. It begins by studying specific targets,

their behavior, preferences and needs. The attacker gathers the information, gains the target’s

trust and then walks through the security protocols by using them. It involves exploiting the target

through pretexting, spear phishing, baiting, phishing, scareware, quid pro quo, water holing,

vishing, tailgating, rogue and honey trap.

Data Breaches: Social engineering is the tactic of manipulating, influencing, or deceiving a victim in

order to gain control over a computer system, or to steal personal and financial information. It uses

psychological manipulation to trick users into making security mistakes or giving away sensitive

information.

Injection Attack:In these attacks, hackers inject malicious code into a program or download malware to

execute remote commands, enabling them to read or modify a database or change website data.There

are several types of injection attacks. Two of the most common include:

 SQL injection attacks: when hackers exploit the SQL syntax to spoof identity; expose, tamper,

destroy or make existing data unavailable; or become the database server administrator.

 Cross-site scripting (XSS): these types of attacks are similar to SQL injection attacks, except

instead of extracting data from a database, they typically infect users who visit a website.
Cloud Data Storage: Organizations are increasingly moving data to the cloud and going cloud-first to

enable easier collaboration and sharing. But moving data to the cloud can make controlling and

protecting it against data loss more difficult. The cloud is critical to remote working processes, where

users access information using personal devices and on less secure networks. This makes it easier to

accidentally or maliciously share data with unauthorized parties.

Best pracrices For online Data Secuirity

1. Perform Data Discovery

The first step in protecting your organization’s data, is discovering what data exists, how much is

sensitive or critical to the organization, and what data needs to be compliant with security regulations.

By performing data discovery, you can understand what data needs to be protected and how.

4. Encrypt Your Data

Cybersecurity breaches have exponentially increased in the past few years which means personal data is

vulnerable to attacks without protection. How to protect data from hackers? Encrypt it.

Data encryption encodes information by converting plaintext to ciphertext which is very difficult for

unauthorized users to hack. Encrypting data can be as simple as utilizing software that automatically

does it for you.

If your devices are infected with malware, your confidential data can be compromised by hackers.

Ensuring that you have anti-malware software installed will reduce the risk of malware attacks.

10. Create Strong Passwords

Weak passwords are the easiest ways for hackers to access your data. Simply putting “12345” as the

protection to your confidential information won’t cut it.

Pro tip: Turn your passwords into pass-phrases. For example, instead of HELLO123, make it

HaroldsEmaraldLemonLeopardOreos. You can even mix numbers in to be extra secure.

11. Enable Two-Factor Authentication

Having a strong password helps protect against unauthorized third parties hacking and compromising

your data. However, even the strongest passwords can still be hacked.

In addition to having passwords, enabling two-factor authentication (2FA) adds another layer of

protection.

With 2FA, cyber attackers would need to know personalized answers and/or have access to your

secondary device to receive a unique code. It’s highly improbable and a great practice.

15. Eliminate Data After It Is No Longer Needed

Data security will always be at risk so long as data exists. However, once you no longer require access to

certain critical data, (i.e. PII, PHI) it is advisable to delete it.

deletes unwanted or expired files is a great data security strategy.

16. Keep Software Up-to-Date

Computer systems become more vulnerable to breaches when software programs are not updated

routinely. Make sure to keep software up-to-date to prevent vulnerabilities.

Common software updates include bug fixes, vulnerability checks, and enhancements that will protect

data security.

17. Monitor Third-Party Access to Data

Failure to monitor third-party access to data can result in reputational damage, data breaches, and loss

of financial information. Although most vendors disclose their access to your data, it is important to

monitor how it is being collected, used, and shared.

Pro tip: Develop a third-party vendor inventory and map the access each vendor has to your data. This

will help in monitoring the correct data.

18. Be Educated On The Signs of Phishing

Phishing attacks are the easiest cybersecurity threat to fall for which is why they are so common.

Hackers send malicious attachments in emails and/or impersonate the identity of a trusted individual in

hopes that users will input their personal information.

prompting favors in the headline of emails, etc. Make sure to avoid pop-ups, unknown emails, and links.

19. Don’t Use Public Wifi

Public wifi networks are not secure and can be detrimental to the security of your personal information.

Next time you’re thinking of quickly checking your bank account in line at Starbucks, make sure it’s with

your LTE.

20. Use a Virtual Private Network (VPN)

If you’re going to use a public wifi network, at the bare minimum have a VPN on your device. Virtual

private networks create a private network from a public internet connection.

In addition, VPNs mask your IP address which makes your digital footprint virtually untraceable to

hackers.

22. Don’t Use the Same Password for Multiple Accounts

Although it’s convenient to remember one password for everything, if your password gets

compromised, an unauthorized individual could potentially have access to several important accounts.

Using a password generator tool like LastPass will enable you to randomize passwords for your accounts

to keep them more secure.

Bangladesh constantly faces data security challenges like any other under developing countries.The fast

growth of digital currency and increasing internet penetration have made the country a target for

hackers and cybercriminals. According to the government, the number of current internet users in

Bangladesh is 13 crore, and the number of mobile users is around 16.5 crore. Today we spend most of

our lives on the internet and connected devices. Yet few people are aware that vast amounts of

personal data are being collected and shared from the devices and online services we use.This

information may be stored indefinitely, and our personal data can be used for our benefit or otherwise

indiscriminately. It has even been found that sharing data online has been used to infer one's socio-

economic status (eg, sharing one's favourite restaurant or items one has purchased.

Cybersecurity Awareness

 Increase cybersecurity awareness through cybersecurity courses and training programs.

 Encourage individuals and organizations to stay alert of upcoming threats and best practices.

Strong Cybersecurity Infrastructure

 Securing network with firewalls,intrusion detection like Ips/Ids and SIEM sollutions.

Data Protection laws

 Implementation of data security laws to to regulate data handling and processing.

International Collaboration

 Collaobration with international organizations to exchange best practices and threat

intelligence.

 Participate in cybersecurity projects to strengthen country’s cyber defences.

Cybersecurity response plan:

 Create and execute a thorough cybersecurity incident plan to respond to attacks.

 Perform frequent drills and simulations to evaluate the plans effectiveness.

Conclusion

Securing your data online requires a proactive and multi-layered approach. By following the guidelines

outlined in this project, individuals and organizations can significantly reduce the risk of cyber-attacks

and data breaches. Remember, online security is a shared responsibility, and it is essential to stay

vigilant and informed to protect your digital assets. By working together, we can create a safer and more

secure online environment for everyone.

https://www.analyticsvidhya.com/blog/2023/04/what-is-data-security/

 Rodrigues, J. (2024, July 2). 22 Data Security Best Practices in 2024 [Infographic]. TitanFile.

https://www.titanfile.com/blog/data-security-best-practices/

 Rohoman, M. H. (2023, January 13). Why data protection is important in the current context of

Bangladesh. Dhaka Tribune. https://www.dhakatribune.com/opinion/op-ed/302675/why-data-

protection-is-important-in-the-current

 Rodrigues, J. (2024, July 2). 22 Data Security Best Practices in 2024 [Infographic]. TitanFile.

https://www.titanfile.com/blog/data-security-best-practices