Yahoo Says at Least 500 Million Accounts Breached in Attack

“Says the attacker was a “state-sponsored actor.” Read More Below

The public acceptance and tolerance of data breaches including the theft of their identity information and also occasional credit card account compromises continues despite so much evidence that there is a need for caution.  Its one of the strange anomalies of the digital age.

Source: Yahoo Says at Least 500 Million Accounts Breached in Attack | Data Center Knowledge

Thanks to Data Center Knowledge

9 keys to having a HIPAA-compliant cloud

“For a public IaaS cloud environment to be compliant with strict data privacy laws from HIPAA certain controls must be put in place. Here are 9 examples:

  1. Implement audit controls: Use tools such as AWS’ Cloudtrail and S3 buckets as key components of a logging infrastructure.
  2. Review system activity: Leverage audit logs to enable the review of activity within your system.
  3. Identity and Access management controls: Keep track of every user who logs into a cloud environment and what they do; alert administrators if settings are changed.
  4. Disaster recovery: Ensure there are backups of all data to satisfy contingency plan requirements, including emergency mode operation.
  5. Evaluate your security posture: Conduct vulnerability scans, penetration tests, and code scans on systems processing Personal Health Information (PHI).
  6. Establish a proper Business Associate Agreement: Outline key responsibilities between you and your vendors. These should address responsibilities for keeping data safe, how to provide patients with access to their data, and what to do in the case of a data breach.
  7. Access Controls: Ensure users are unique and logged. Enable auto logoff features, robust authentication features, and stateful security groups.
  8. Encrypt PHI and other sensitive data: Encrypt all data in motion and in rest using a purpose-designed approach.
  9. Ensure transmission security: Effectively enable the proper encryption of data in transit using AES 256 encryption (SSL and TLS) as well as object keys where feasible.”

Please look to SafeJunction for your PHI data in motion and data at rest.

Source: 9 keys to having a HIPAA-compliant cloud

Thanks to Network World

Internet of Things a Spyglass on Workers?

“Congress is showing some bipartisan support for the “internet of things,” but some worker advocates say lawmakers may be overlooking the employee privacy implications of technological advances in the workplace.The House Sept. 12 passed with overwhelming bipartisan support a resolution (H.Res. 847) calling on policy makers to come up with a strategy to encourage the internet of things.The buzz phrase refers to the increasing power of technology to allow machines and people to communicate with each other via linked sensors, whether it’s a pacemaker that sends performance information to doctors or crop sensors that tell farmers when it’s time for more water.”

SafeJunction protects your IoT identity and data,

Source: Internet of Things a Spyglass on Workers? | Bloomberg BNA

internet-of-things

Thanks to Bloomberg BNA

Changing Tactics: The Rise of the Privacy Advocates

Justin Brookman of the Center for Democracy and Technology certainly thinks privacy advocates are gaining traction. Five years ago, for example, the public really wasn’t engaged in the conversation about privacy at all.

“The issues weren’t intuitive to them, and the message wasn’t getting out,” Brookman said.

The privacy conversation continues with increased awareness of threats to Internet users identities and information.  Until there’s a major event, breach, or high profile privacy breach, users will continue to assume that they won’t get hacked, have their financial services compromised, or be embarrassed.  SafeJunction continues to believe that our privacy products will continue to be relevant, but market adoption will be slow.

Changing Tactics

privacy1-520x245

Thanks to

How the Clinton Campaign Is Foiling the Kremlin

“Staffers are now using a “Snowden-approved” app to hide Trump-related e-mails from hackers, in Russia and elsewhere.”

And SafeJunction‘s SafeShare can give you “object” privacy within emails, in private and shared folders, and on Cloud storage drives.  Check it out today!

Source: How the Clinton Campaign Is Foiling the Kremlin | Vanity Fair – Linkis.com

gravitocity-sales-prospecting-hillary-clinton-780x520

Thanks to Vanity Fair and Linkis.com

People, Please Don’t Store Private Data in Your Address Book

 

Don’t store your private data in your smartphone address book.  Keep it in an encrypted file or password keeper.

Seriously!

Source: People, Please Don’t Store Private Data in Your Address Book | WIRED

strong-password-methods1

Thanks to Wired

Why online privacy matters — and how to protect yours

“Christopher Soghoian of the ACLU talks privacy, security and why you should put a sticker on your webcam right now, in conversation with investigative journalist Will Potter.”

Its hard to tell that people really care about online privacy.  The real conversation hasn’t really begun yet.  No one has lost enough of their money, reputation, or self concept to raise the level of importance of privacy.  Even though we’ve had some high visibility crimes and newsworthy breaches, security failures, and embarrassing leaks, the Internet using public has yet to rebel or even complain too much.

Privacy has become an interesting 21st Century curiosity – especially given the guarantees of the Fourth Amendment of the US Constitution.

SafeJunction cares about privacy.  Will you?

Source: Why online privacy matters — and how to protect yours |

iStock_000070827565_Medium

Thanks to ideas.ted.com

The right to obscurity on the Internet

Do individuals have a right to be hidden, or obscured, on the internet? This question, central to the landmark Google Spain  case decided in May 2014, drew widespread attention and called into sharp relief the way in which some aspects of freedom of expression and privacy are viewed in Europe and the United States.

Source: The right to obscurity on the Internet

Thanks to NEWEUROPE

WhatsApp Sharing Data with Facebook Raises Alarm for Privacy Advocates

“Changes announced by WhatsApp have drawn the ire of privacy advocates, who say that the messaging service’s plan to share user data with parent company Facebook is against the law and should be blocked.The changes will allow the popular app — which says it has more than one billion users — to “coordinate more with Facebook” by sharing the user data, they said. The move prompted The Electronic Privacy Information Center (EPIC) and the Center for Digital Democracy to announce they would be filing a complaint with the Federal Trade Commission (FTC).”

Protecting consumers is obviously not on the minds of What’s App or parent company Facebook.

Source: WhatsApp Sharing Data with Facebook Raises Alarm for Privacy Advocates – ABC News

Thanks to ABC News

Mobile Apps Study Underscores Necessity of Strong Best Practices for Health and Wellness Data

“A new FPF Mobile Apps Study underscores the necessity of strong Best Practices for health and wellness data. The App Study revealed that while the number of apps that provide privacy policies continues its upward trend from our previous surveys.”

Source: Mobile Apps Study Underscores Necessity of Strong Best Practices for Health and Wellness Data – Future of Privacy Forum

Thanks to Future of Privacy Forum