You may have logged in to a public Wi-Fi network at a restaurant while waiting for your order to arrive or at an airport before your flight. This simple act, which is quite routine for most of us, unknowingly leaves us vulnerable to cyberattacks by leaving digital footprints that reveal our personally identifiable information, and eventually compromises our data privacy.

Sharon Holi, the head of Head of Customer Privacy at Safaricom explains why these seemingly innocuous acts could lead to serious data privacy breaches.

“That link you clicked or that app you downloaded, do you really need to share contacts, location, microphone and personal details like identification card number, phone number or other details? It’s all about keeping an eye out for instances when you need to ask yourself whether you are well protected from unauthorised use of your personal data,’’ Sharon advises.

In a world where data has become an asset that can be used to drive innovation through data-driven solutions, if not well protected, mishaps such as credit card fraud,cyber attacks, identity theft and even financial loss can happen.

This is why Safaricom has implemented globally-certified approaches that have earned them data privacy compliance certifications such as  ISO 27001 Information Security Management Systems certified  and ISO 27701 Privacy Information Management System certification.

“From access controls where staff can only access information on a need to know basis, audit logs that track every access to data, data minimisation like on M-PESA statements so that only information that is necessary is shared, data leakage prevention controls, encryption and 24/7 auditing, monitoring and investigation of any suspicious activity,” Sharon said.

Apart from the measures that Safaricom and legal frameworks such as the Constitution and the Data Protection Act, 2019 provide to protect our personal data, it is important that each of us takes responsibility for safeguarding the small “crumbs” of ourselves that we leave behind, whether in digital spaces or physical locations.

So here are a few practices you can adopt to protect your personal data and ensure that it does not fall in the wrong hands.

1. Limit information shared in building entrances: Before engaging in the digital world, consider the data you leave in physical spaces such as building entrances. Sharing identity card numbers, phone numbers, email addresses or even car number plates in books with unrestricted access exposes you more than you realize. Unless legally required, provide only the minimum necessary information.
2. Avoid using public Wi-Fi spots: Public Wi-Fi networks can be unsecured and easy for attackers to exploit. Use mobile data or trusted networks whenever possible.
3. Do not accept unnecessary cookies: While rejecting cookies may slightly slow your access to websites, it helps protect your online privacy and limits tracking of your browsing habits.
4. Limit app permissions: Limit apps from accessing sensitive data such as location, contacts and media unless absolutely necessary. This reduces the risk of apps sharing your personal information without your knowledge.
5. Use unique and strong  passwords: Avoid using the same password across multiple accounts.This is especially for sensitive applications such as mobile money, banking apps and email accounts., which you should have different passwords for.Also avoid saving your passwords on your phone or a single document such as a personal diary.This prevents a single breach from compromising all your platforms.
6. Enable two-factor authentication:This ensures that apart from your password, an extra step such as  code sent to your phone is required to access sensitive accounts. This adds an extra layer of security even if your password is compromised.
7. Avoid sharing live locations on social media: While posting live updates may be tempting, sharing real-time locations and home addresses can be exploited for cyberattacks or tracking.
8. Password-protect applications containing personal data: Ensure messaging  applications such as WhatsApp are secured with strong passwords.This means that even when your phone is stolen and accessed, your private messages will still be password-protected.
9. Familiarize yourself with service provider safety measures: Learn and activate security features offered by your bank or mobile money provider. Examples include two-factor authentication for signing in to applications, limiting remote SIM-card replacement, limiting transaction amount that can be processed online and requiring branch visits for sensitive transactions such as card replacements.
10. Be cautious with emails and messages from unknown sources: Avoid clicking on suspicious links in emails or WhatsApp messages that could compromise your device or accounts.