data protection

How Secure is Social Login?

Social login gives application users the ability to apply existing login information from their social media accounts to register and sign into third-party sites. But before we jump into the topic of whether social login is secure or not, let’s answer the question below. Do users really want social login? (Spoiler alert: Yes!) From a user’s point…

3 Quick Ways to Increase Customer Data Security

Trust is the cornerstone of any successful customer relationship and organizations now have more opportunities than ever to gain that trust. In today’s interconnected world, companies are constantly handling sensitive customer data—and how they use and secure that data plays a huge role in determining the trust customers place in them. A breach…

Supporting the Office of Management and Budget’s Identity Policy Proposal

The White House Office of Management and Budget (OMB) is proposing a new policy to address Federal agencies’ implementation of Identity, Credential, and Access Management, and earlier this month asked for public comments on the policy draft. Tim McIntyre, our associate general counsel and data protection officer, submitted the below comment to the…

Advice for US-based IT Managers on GDPR Impact and Compliance

The General Data Protection Regulation (“GDPR”) is a European Union (“EU”) law, but it’s going to have a big impact on American businesses that collect and process personal data of EU individuals. While American companies may be familiar with its predecessor, the Data Protection Directive through the Privacy Shield and Model Clause programs, the…

Credentials: You Can’t Take Them With You

There is a price tag on misused credentials. This week, as Rachel King at the Wall Street Journal reports, Tata Consultancy Services’ (TCS) bill came out to $940 million. An employee at TCS was found to have used credentials from a previous contracting job at Kaiser to access more than 6,000 confidential files on Epic System’s web portal. Prior…

Archive