Blog Posts Tagged with Data Security

Pages

Lessons from FTC’s Lenovo case: Pay attention to the man in the middle

The Wizard of Oz was right: “Pay no attention to the man behind the curtain.” That’s because according to an FTC settlement, computer company Lenovo should have been paying attention to the “man in the middle.” In this case, the “man in the middle” was preloaded ad-injecting software that put consumers’ personal information at risk from harmful man-in-the-middle attacks.

Stick with Security: Secure remote access to your network


Ask a business person where their office is located and the likely answer is “everywhere.” They’re working from home, staying in the loop while traveling, and catching up on email between sales calls. For productivity’s sake, many companies give their employees – and perhaps clients or service providers – remote access to their networks. Are you taking steps to ensure those outside entryways into your systems are sensibly defended?

Stick with Security: Segment your network and monitor who’s trying to get in and out


Who’s coming in and what’s going out? Businesses that want to stick with security build commonsense monitoring into their brick-and-mortar operations. Whether it’s a key card reader at the door or a burglar alarm activated at night, careful companies keep an eye on entrances and exits.

FTC says Uber took a wrong turn with misleading privacy, security promises

How much information does Uber have about its riders and drivers? A lot. The FTC just announced a settlement addressing charges that the company falsely claimed to closely monitor internal access to consumers’ personal information on an ongoing basis. The FTC also alleges that Uber failed to live up to its promise to provide reasonable security for consumer data.

Start with security – and stick with it


When it comes to data security, what’s reasonable will depend on the size and nature of your business and the kind of data you deal with. But certain principles apply across the board: Don’t collect sensitive information you don’t need. Protect the information you maintain. And train your staff to carry out your policies.

Innovation citation: FTC announces winners of IoT Home Inspector Challenge

Internet of Things entrepreneurs are developing products to help keep households running smoothly. But like anyone else you invite into your home, it’s important that IoT devices – appliances, fitness monitors, home security systems, etc. – behave like good houseguests. Out-of-date software can pose a particular problem. One IoT device without software updates can present its own security risks, of course, but it also can introduce vulnerabilities elsewhere on the home network.

FTC to Small Businesses: Gather Round

Legend has it that King Arthur gathered his knights at a round table. Because the table had no head, it signaled that everyone seated at it was respected, and their contributions were welcome. At the FTC, we love the concept of a round table. It's a way to bring together stakeholders for a mutually beneficial discussion.

Best practices to foil gas station skimmers

If you own or operate gas stations, chances are you know about skimmers – illegal card readers attached to payment terminals, like gas pumps, that grab data off a credit or debit card’s magnetic stripe without the customer’s knowledge. Criminals sell the stolen data or use it to buy things online. If your pumps are compromised, customers won’t know their information has been stolen until they get an account statement or overdraft notice.

Customers aren’t only victims here. Your business can suffer from the associated costs, including a damaged reputation and lost sales.

Connected cars: What’s on the agenda

Ladies and gentlemen, start your engines. The FTC and the National Highway Traffic Safety Administration have announced the agenda for their joint workshop on the consumer privacy and security implications of connected cars. If this emerging tech issue is of interest to your clients, race to Washington (within the lawful speed limit, of course) to attend the event on Wednesday, June 28, 2017.

PrivacyCon 3: Save the date

With schedules changing as frequently as they do, we can’t be sure what’s on tap for tomorrow. But we already know where we’ll be on Wednesday, February 28, 2018. We’ll be at the FTC’s third PrivacyCon – a gathering of researchers, academics, industry members, consumer advocates, and government representatives talking about the privacy and security implications of emerging technologies.

Pages