GDPR is a European privacy and security law that requires any organization that handles personally identifiable data of EU citizens to comply with its regulations. European Union mandated all organizations to comply with GDPR beginning on May 25, 2018. The GDPR imposes hefty fines for those who violate its privacy and security standards. With more and more personal data stored in the cloud, the EU is signaling the world that personal data must be treated private and stored securely. The GDPR is not only applicable to large corporations but also abides by small and medium-sized enterprises (SMEs).

We often hear protecting our online privacy requires us to follow security hygiene and beware of phishing and link baits and do not click on suspicious links from untrusted sources and follow best security practices. We also hear that we need to protect our online accounts with strong passwords and 2FA. Keeping up with the latest software patches, installing anti-virus and anti-malware software are all good practices to protect your devices.

In a recent data breach discovered by the Accellion incident, many of its clients including Kroger, Washington State Auditor, Jones Day customers are affected. Data breaches are not unusual, and it often happens to the largest companies in the world. The scale of data breaches has grown in recent years, and millions and even billions of people are affected by connected incidents. The data breaches occur from hacking and software vulnerabilities, and nothing is invincible from attacks and leaks

Internet helps us live our lives better, but it's not a safe place to hang out. There are hackers, spammers, and phishers trying to steal our personal data, and we're exposed to dangers every day. There are, however, websites and browser extensions that we can utilize to protect our privacy. We've found 5 websites and 3 browser extensions that will use to protect yourself in some ways.

With all of us stuck inside, video conferencing apps have become a default way to communicate with colleagues and some tech-savvy family members. Video chat apps have advanced in recent years, and have gotten easy to use, collaboration-ready, and accessible.

At the same time, due to the popularity of video conferencing platforms, many security flaws were discovered and used to exploit users. Some people were exposed to unwanted oversight and online trolls, and companies got an earful.

Burte force attack is a method used to guess username and password combination continuously until the valid login is discovered. Hackers use password cracking software to guess all possible passwords for a known username to gain access to the target system.

The YubiKey is a hardware device that generates passcodes for 2-factor authentication (2FA). It is not a password manager and does not store username/password pairs for your online accounts. It is a pure 2FA device that generates HMAC-based One Time Passwords (HOTP) and Time-based One Time Passwords (TOTP) that you can plug (or NFC) into your smart device. The YubiKey is recognized as a human interface device (HID) and delivers password as if the keystrokes are coming from a keyboard.

Apple's iCloud keychain is a password manager for macOS and iOS devices including Macs, iPhones, and iPads. Username/password pairs, credit card information, Wi-Fi credentials, and other personal data can be stored in iCloud, and shared amongst all of your Apple devices. Your personal data are encrypted with 256-bit AES, and saved in your iCloud, and transferred to and from iCloud to your devices encrypted so it is very secure. The data stored in your keychain can be accessed through Safari, and some third-party Apple apps but not with Google Chrome, unfortunately.

2FA (2-factor authentication) is a form of MFA where a user is required to supply 2 forms of authentication to allow access to the system. The traditional authentication system used the username/password pair to grant access to an account, but a growing number of hacking due to the use of weak passwords prompts the industry to offer an additional form of authentication to enhance the security of login access.

When you're in-market to purchase a product and find a very attractive price but the website doesn't look very professional. Would you take the risk and purchase the product at the site where it offers the best price, or will you research the product and determine if the company is legitimate before purchasing a product?