Take note... and if not, do so at your own peril!
This post addresses a few critical things everyone ought to be across.
From Business Leader (UK):
Business Leader Magazine attended the Stackhouse Poland cyber security event in London, where leading experts were brought together to discuss General Data Protection Regulation (GDPR) and cyber security; and how businesses can best deal with these issues.
Sandy Gilchrist (Director at Priviness): “The most important thing from a business’s internal governance perspective is to be prepared all the time and to put it on the agenda before it becomes the agenda.
“This means setting up processes and systems within your organisation to ensure that you are looking at this all the time. In addition to this, make sure you have the right training and that everything in the business is documented, because unless it is, you are in breach of GDPR as well as being susceptible to hacking.”
From Krebs on Security:
"Many webmail providers now encourage users to take advantage of two-step (a.k.a. “two factor”) authentication methods in addition to passwords for securing access to email. This usually involves the user adding a mobile phone number to their account that gets sent a one-time code that needs to be entered after supplying the account password. The idea here is that even if thieves somehow manage to phish or otherwise glean your account password, they still need access to your phone to discover the one-time code.
Depending on how you’ve set up two-step authentication, however, this may be far from airtight security. What’s more, not all two-step authentication methods are equally secure. Probably the most common form of secondary authentication — a one-time code sent to your mobile device via SMS/text message — is also the least secure.
That’s because thieves who manage to phish or otherwise filch your password can then simply ring your mobile provider pretending to be you, claiming that your phone is lost and that you need to activate a new phone and corresponding new SIM card. Or, they convince a gullible or inexperienced customer support rep to temporarily forward all of your calls and texts to a different number (this happened to me in 2013)."
Again from Krebs on Security:
"An October 2015 piece published here about the potential dangers of tossing out or posting online your airline boarding pass remains one of the most-read stories on this site. One reason may be that the advice remains timely and relevant: A talk recently given at a Czech security conference advances that research and offers several reminders of how being careless with your boarding pass could jeopardize your privacy or even cause trip disruptions down the road.
In What’s In a Boarding Pass Barcode? A Lot, KrebsOnSecurity told the story of a reader whose friend posted a picture of a boarding pass on Facebook. The reader was able to use the airline’s Web site combined with data printed on the boarding pass to discover additional information about his friend. That data included details of future travel, the ability to alter or cancel upcoming flights, and a key component needed to access the traveler’s frequent flyer account."