Data Privacy Day 101: are your privacy controls keeping up?

TL;DR: Data Privacy Day 101 frames privacy as an everyday control problem, urging people and organisations to review data-sharing permissions, delete unused apps, and protect accounts with strong passwords and MFA, according to SailPoint. The real lesson is that privacy settings, authentication hygiene, and identity security are inseparable.

NHIMG editorial — based on content published by SailPoint: Data Privacy Day 101

By the numbers:

• MFA has been found to block 99.9% of automated attacks when enabled.

Questions worth separating out

Q: How should security teams reduce privacy risk in everyday app use?

A: Start by limiting data sharing to what the service actually needs, then enforce strong authentication on accounts that carry sensitive information.

Q: Why do privacy controls still fail even when users read the policy?

A: Policies do not stop over-permissioning or weak identity hygiene.

Q: How do organisations know whether MFA is actually reducing account risk?

A: Look for lower success rates in automated login attacks, fewer suspicious sign-ins on protected accounts, and reduced takeover incidents after enforcement.

Practitioner guidance

• Review app permission requests before approval Compare each requested permission with the service's actual function.
• Enforce unique passwords through a password manager Standardise password manager use for employees and encourage it for consumer-facing accounts that store financial, health, or recovery data.
• Require MFA on sensitive accounts Make MFA mandatory on email, finance, admin, and cloud-linked services where account compromise would expose personal or business data.

What's in the full article

SailPoint's full blog covers the practical privacy habits this post intentionally leaves at a higher level:

• Plain-language guidance on reviewing privacy policies before you share personal information
• Simple device and app housekeeping steps that reduce exposure across consumer and work accounts
• A short explanation of why MFA and password managers improve protection for sensitive services

👉 Read SailPoint's blog on Data Privacy Day basics and account protection →

Data Privacy Day 101: are your privacy controls keeping up?

Explore further

View Full Forum →  |  NHI Foundation Course →