data protection

Two Months In: How Are Companies Being Impacted by the GDPR?

Online data privacy has always been a controversial topic. The fact that users store data with third parties has demanded increased transparency on how these platforms actually store and process personal data. Data breaches resulting in compromised personal information have added fuel to the fire, proving that privacy concerns are warranted. These…

Mitigate Risks with Modern Password Recovery Systems

The ability to reset your password is an essential system requirement. With so many online services available, it’s common to have multiple user accounts for the various apps and services you interact with every day. Security doctrine dictates that you need a different password for each account, and that you update each one regularly. With so many…

How Secure is Social Login?

Social login gives application users the ability to apply existing login information from their social media accounts to register and sign into third-party sites. But before we jump into the topic of whether social login is secure or not, let’s answer the question below. Do users really want social login? (Spoiler alert: Yes!) From a user’s point…

3 Quick Ways to Increase Customer Data Security

Trust is the cornerstone of any successful customer relationship and organizations now have more opportunities than ever to gain that trust. In today’s interconnected world, companies are constantly handling sensitive customer data—and how they use and secure that data plays a huge role in determining the trust customers place in them. A breach…

Supporting the Office of Management and Budget’s Identity Policy Proposal

The White House Office of Management and Budget (OMB) is proposing a new policy to address Federal agencies’ implementation of Identity, Credential, and Access Management, and earlier this month asked for public comments on the policy draft. Tim McIntyre, our associate general counsel and data protection officer, submitted the below comment to the…

Advice for US-based IT Managers on GDPR Impact and Compliance

The General Data Protection Regulation (“GDPR”) is a European Union (“EU”) law, but it’s going to have a big impact on American businesses that collect and process personal data of EU individuals. While American companies may be familiar with its predecessor, the Data Protection Directive through the Privacy Shield and Model Clause programs, the…

Credentials: You Can’t Take Them With You

There is a price tag on misused credentials. This week, as Rachel King at the Wall Street Journal reports, Tata Consultancy Services’ (TCS) bill came out to $940 million. An employee at TCS was found to have used credentials from a previous contracting job at Kaiser to access more than 6,000 confidential files on Epic System’s web portal. Prior…

Archive