Sensitive data and how to protect it

What is sensitive data?

Sensitive data is important information that no one should access without permission. It’s a broad term that encompasses details about a person's religious beliefs, political opinions, genetic or health data, racial or ethnic origin, biometric data, etc. The leakage of such info might cause someone financial or reputational damage or be used for malicious purposes if it falls into the wrong hands.

In business, sensitive data is confidential data that must not leave the company. This can be customers' personal and financial data or important trade secrets or strategies that competitors might abuse.

What is personal data?

Personal data is a much narrower term. It includes data that can be used to identify someone, such as their name and surname, ID number, driving license details, and other personally identifiable information. Some of it can identify a person only if combined with additional info. For example, someone could identify you by having your home address and your name. Cybercriminals can collect any small pieces of data available online and put them together into quite a substantial package of information about a person.

More generally speaking, personal data is any data that someone with bad intentions could use to violate your privacy or use against you or your relatives.

Who can abuse your personal data?

Criminals might use personal data for various reasons, including bullying or harassing their victims. For example, they can snatch a private image of you and threaten to publish it. They might also manipulate the context of your photo, thereby harming your reputation. Cyberstalkers might even use personal info to follow or even physically assault someone, while others may exploit it for purely pragmatic reasons, such as snatching your money, stealing your online identity, or spamming.

But it’s not only cybercriminals who are interested in your data. Social media networks, ISPs, third-party organizations, websites, and governmental institutions regularly collect users’ personal data and browsing habits for marketing purposes. They frequently use cookies to track your digital footprints.

Data protection laws

While you should put considerable effort into protecting your data, there are some laws to protect you from snoopers. One comprehensive law in the EU is GDPR (General Data Protection Regulation), which maintains that companies can only gather your personal information with your consent. Organizations that do not comply with these regulations may face substantial fines.

How to protect sensitive data

Take the following steps to make yourself safer online:

• Use strong passwords. You can use our NordPass tool to generate and store complex passwords;
• Encrypt your files. Use NordLocker to secure files with top-notch encryption. Even if someone got hold of your files, they would not be able to access them;
• Use common sense when surfing online. Do not click on suspicious links or ads, and avoid opening suspicious messages or dodgy websites. Also, do not give out personal data to persons you do not know;
• Keep your social accounts private. Make your social media pages visible only to people you know and trust;
• Do not share your identifiable personal information. Keep details like your phone number or home address out of the public eye.
• Use a VPN service. It will encrypt your traffic, and no one will be able to see what you do online. Using a VPN is essential if you use public Wi-Fi or share sensitive files over the internet;