For those IoT products that you own and control, do you have them sufficiently secured, to be safe from the threats of the internet? Here some key checks to make to see if you need to make any improvements on Safer Internet Day.
In our Privacy Professor January Tips of the Month, one of the privacy beacons we highlighted was the “Cover Your Tracks” website from the Electronic Frontier Foundation (EFF). Here are the results of our testing with this website.
Many of our Privacy and Security Brainiacs and Privacy Professor consultancy clients have asked for a simple description of the Log4j problems they’ve seen so much about in the news lately. Here are some key facts and advice we’ve provided to them.
What encryption solution businesses use? Every type of organization will typically each need to use at least two, but usually more, types of encryption solutions to meet their needs. Why? Because each organization needs to encrypt personal data, sensitive data, and a wide range of other types of regulated data, wherever the data is collected, stored, or transmitted.
2020 was a wakeup call for more than healthcare pandemic preparedness. It also exposed some huge security and privacy vulnerabilities, that many cybercrooks have exploited thousands of times throughout the year, for remote workers; both those work-from-home (WFH) employees, along with those mobile workers who have largely been going under the CISOs’ and information security departments’ radars for the past two to three decades. Will cybersecurity and privacy pros heed the lessons learned from the awakening?
In my previous blog post, I described how one of my monthly Privacy Professor Tips readers recently sent me a question about some unusual coincidences where it seemed that home conversations and activities were then known and discussed by workers. When working from home, or mobile working while traveling, it is important to remember that cybercrooks and business competition are actively exploiting the vulnerabilities that are present in most home offices, hotels, restaurants, airports, and a long list of other locations where remote work occurs.
With what may be the majority of office workers throughout the world now working from home, cybercrooks and business competition are actively exploiting the vulnerabilities that are present in most home offices. This series of blog posts focus on fours ways in which digital spies enter home office areas, and some information security and privacy protections you can put in place to shut the holes in the digital pathways created into your organization through working from home office areas. Part 1 provides an overview of digital spies coming through IOT devices.
There will come the inevitable day when your organization will need to make a privacy breach notice. Will you be prepared and know what to do when this day comes?
All organizations need to identify and document all the outsourced and contracted entities that possess or otherwise access their information, in all forms. Here are some reasons why.
With the preponderance of people now taking photos and videos with their phones as part of their standard daily activities, the number of situations where healthcare workers are capturing images and posting on their Instagram, Facebook and other social media sites is dramatically increasing. What does this mean for compliance with the HIPPA Privacy Rule?
Is it a HIPAA violation to call out a patient’s full name in the waiting room? What factors go into deciding whether something like this is a HIPAA violation? The Privacy Professor Explains.
A right to audit clause is a good idea for all types of organizations, of all sizes, not only as a way to demonstrate due care, about also to to be proactive in preventing privacy breaches and security incidents. Here are the top reasons why you should have right to audit clauses within business partner contracts.
Eddie Tipton, an information security officer, was able to successfully rig the Hot Lotto random number generator and commit the largest lottery fraud in US History. How did he do it? The Privacy Professor explains.
During my work with a wide range of small to large organizations, in a wide range of industries, I’ve found there are some common reasons why encryption is not implemented. Here are the top four I’ve run across.