Following Ubiquiti’s security incident and its subsequent recommendation to change your router password and enable multi-factor authentication, and the fact that it is widely reported that using default passwords on routers while working from home is a security risk, we thought it would be helpful to remind you to change your router password sooner rather
passwords
Oregon’s New IoT Law
Oregon became the latest state to require manufacturers of internet “connected devices” that make, sell or offer to sell the devices in the state to equip the device with “reasonable security features” according to Oregon House Bill 2395 amending ORS 646.607.
According to the law, “[R]easonable security features” means methods to protect a…
UK Information Commissioner’s Office Issues Guidance on Use of Encryption and Passwords in Connection with GDPR
The “security principle” under the General Data Protection Regulation (GDPR) requires that organizations process personal data securely by means of “appropriate” technical and organizational measures. This month, the United Kingdom’s Information Commissioner’s Office (ICO) issued new guidance focused on two specific measures the ICO recommends that companies consider in complying with the GDPR security requirements: encryption and passwords.
Continue Reading UK Information Commissioner’s Office Issues Guidance on Use of Encryption and Passwords in Connection with GDPR
Privacy Tip #53 – Valuable Lesson: Don’t Write Down Passwords
I have been doing a lot of live employee training lately. I really enjoy it, and have been told that it is some of the most entertaining training around. The reason why I can get the audience to laugh is because I tell real stories of some ridiculous things people have done that have gotten…
Lightspeed Urges Customers to Change Passwords Following Data Breach
Lightspeed, a retail point-of-sale company that provides cloud-based services to 38,000 clients, has reported that its central database, which stores client information on sales, products, encrypted passwords, and in some instances, electronic signatures, has been compromised.
The system that was compromised was the one that retailers can access through tablets, smartphones, and other mobile devices.…
Privacy Tip #49 – Use a Passphrase Instead of a Password
I love to train employees on data privacy and security. It tends to be rather entertaining as I can tell crazy stories about real life scenarios about data breaches or compromises. The stories are quite beneficial, as most employees say “I would never do that!”
One of my favorite stories to tell, as it is…
Oklahoma and Virginia become newest states to consider social media legislation
The list of states that have passed social media legislation is getting longer. Early next week, Oklahoma will become the newest state to consider social media legislation (along with approximately 23 others) to prohibit employers from asking employees or applicants to provide them with their social media account passwords and from being forced to access…
6,400 American Bankers Association members’ usernames and passwords compromised
Late last week, the American Bankers Association disclosed that its computer systems had been compromised exposing thousands of members’ personal information. The hacking occurred through its website’s shopping cart tool, which is used to make purchases or to register for events. The hackers stole 6,400 usernames and passwords. The Association denies that any credit card…
Maine joins the mainstream with new social media law
Joining more than 20 other states, and many of its sister states in the Northeast, Maine has passed a social media law that prohibits employers from requiring employees or applicants to provide them with their social media account information and passwords. This social media law was not passed in the traditional fashion of passage by…