Personal data security tips
Posted on Friday, April 7, 2017Last Monday, April 3, it came out that the data of 450,000 lottery participants had become insightful due to a security breach. It turned out afterwards to be an investigation, but it does make you think. After all, the convenience and speed of booking online comes with a rapid exchange of personal data. What is being done to protect your personal data?
At LeisureKing, we take the protection of personal data seriously. Therefore, we do not collect more data than we actually need. For more information please read our privacy policy. In addition, our payments are made through Pay.nl. As a payment provider, they collect and manage the financial data. Pay.nl has a strict and controlled privacy policy. Curious about their policy? Read it here.
Business and customer data is collected in LeisureKing. But how do we ensure the security of this data? And what can you do?
A strong password is one of the basics. Did you know that 99% of all weak passwords used can be aggregated into a list of 10,000? To achieve a strong password, it is important to use a combination of uppercase, lowercase, numbers and numeric characters. In addition, you can change letters into numbers, for example, v3r4nd3r3n.
The regularly changing your password can strengthen data protection. We would note, however, that it often provides convenience. If you do it, make sure the updated password is as strong as your previous password.
Use the password only in one place. Many parties are moving to an email address and password as login. This quickly makes you dependent on the reliability of the external party, because what are they doing with your password? At LeisureKing, we therefore only collect usernames.
At LeisureKing, we use personal 2 factor authentication. This means that if someone has forgotten their password, they must contact LeisureKing personally. After verification, one of our employees will provide access to the account after which a new password can be created.
Unique username and password for each user within your LeisureKing account. Passwords are often shared with third parties, such as between colleagues. A colleague should have his or her own username and password with which he or she can log in and perform certain actions. Should there ever be discussion about an action performed, this can be traced.
No more rights than necessary. Within LeisureKing, you can specify for all users within your account which functions they have access to. For example, you can ensure that a cashier does not have access to statistics.
We hope that after reading the above information, you have gained a better understanding of the security of your data. In addition, we are curious about your answers to the following questions.
- Do you use the password for other login data as well?
- Are you using one login for multiple users?
- Don't your users have too many permissions?
Can't answer all of these questions with no? Then try observing the tips above. We are happy to help you with this!
Watch our videos on the changing user settings and the chat via the online help desk.