Previous month:
December 2014
Next month:
February 2015

January 2015

Data Privacy Day 2015 Reading List

Dpd15The National Cyber Security Association earmarks January 28 as Data Privacy Day, "an international effort to empower and educate people to protect their privacy and control their digital footprint", Also called Data Protection Day, sponsors and volunteers annually dedicate time and resources to raise awareness of privacy threats and ways to protect one's privacy, as well as the confidentiality of one's business data.

Here's a short list of sources you should visit this Data Privacy Day. It includes carryovers from 2014 and some great new posts or articles:

Council of Europe Data Protection Day 2015

Cloudward.net's Data Privacy Day 2015: Top Experts Comment on Privacy Issues

Internet Society's Four Basic Steps to Protecting Your Digital Privacy in 2015

Data Privacy Day: Do you know what your apps are doing?

The US Federal Trade Commission's Privacy & Identity and Protecting Personal Information: A Guide for Business pages

Healthcare Information and Management Systems Society's Privacy and Security Awareness Initiatives

Privacy By Design's A Primer on Metadata: Separating Fact from Fiction

SANS Secure the Human Project

Data Privacy Day – protecting your personal information

Mozilla Foundation's Get Smart on Privacy initiative

Trend Micro's Why Data Privacy is Important?

28th January Is Data Protection Day, Five Quick Things You Can Do

Articles I've written about privacy also explain how each of us is often our own worst privacy enemy. These articles in particular remain timely and relevant:

There are only three true Internet privacy threats 

Privacy Awareness 101: Five easily remembered rules for protecting privacy

Are Your Data at Rest Also at Risk?

Metadata or Content: NSA is not the only data collector you should fear

Trusting Third-parties with your password

How much activity on the Internet is truly consensual?

Safe reading!


Are you using 2-step verification? (Survey)

Passwords play roles in many security incidents. Phishing attacks often seek to collect a target's login information for online banking, corporate or private email, network login, auction or social media sites. In these and other attacks, attackers benefit from how we rely only on a password to access an account or prove our identity.

2-step verification is a more secure form of proving your identity (who you are) than just passwords. In most 2-step verification systems, you register a "trusted device" with an online banking service, blog, or social media provider: this device is typically your mobile phone. When you log in to that service or social media, you verify your identity by entering both your password and a "verification code" that's sent to your trusted device (again, most often your mobile phone). By adding this second step, someone who learns your password for your online banking service, etc., can't impersonate your or access your accounts unless he also has your trusted device. 2-step verification is a good defense against stolen passwords. 

The purpose of this post - and the embedded survey - is to learn whether 2-step verification is popular, and where people are using it. A secondary purpose is to raise awareness of 2-step-verification so that more people will be encouraged to use it.

Please take a few minutes to answer the six (6) questions. Share the survey with your colleagues, friends and family members, especially those who are not overly technical. The more responses, the better!

 Thanks in advance for your help. I hope to share results by 15 February.


Image by Dennis S Hurd, Creative Commons License
https://creativecommons.org/licenses/by-nc-nd/2.0/