Articles on Privacy

• Privacy What Happens After You've Set Up Google Inactive Account Manager?
  Google's Inactive Account Manager notifies designated contacts after 3+ months of account inactivity, optionally sharing data with them. Google sends multiple alerts before expiration and requires...
• Incident Response Why Organizations Don't Prepare for Information Security Incidents
  Organizations fail to prepare for security incidents not because they're unaware of threats, but because they believe they personally won't be attacked and underestimate the disruptive effects of...
• Incident Response Some Facts and Conjecture About the VeriSign Data Breach
  VeriSign's 2011 SEC filing disclosed a 2010 breach where information was exfiltrated from compromised corporate systems. The APT-style attack characteristics and inability to assess future misuse of...
• Authentication Anticipating The Future of User Account Access Sharing
  Roughly one in three teens share passwords as expressions of trust, much like giving out school locker combinations. Adults also share credentials for practical reasons—Netflix accounts, admin...
• Incident Response How a Data Security Breach Can Be Used for Good PR
  Hershey turned a website breach into positive PR by emphasizing that the attacker only modified a single baking recipe. Headlines focused on the quirky detail rather than consumer data exposure....
• Incident Response Asymmetry of People's Time When Handling Major Security Incidents
  Organizations without mature incident response programs overreact to breaches—calling all-hands meetings, micromanaging tasks, demanding night-and-day work—spending disproportionate time compared to...