It seems as though data breaches affecting millions of Americans are constantly in the news these days. If this makes you anxious about the safety of your personal information, that’s understandable. You can protect your data by using secure internet connections rather than public Wi-Fi when you’re providing sensitive information such as financial account numbers online, keeping your computer and mobile device safe against malware that may be lurking in email attachments, pop-ups and banner ads, downloading apps and other programs only from trusted sources, and being wary of anyone who contacts you unexpectedly asking for it. You can also use the security settings on social media sites to restrict who can see your posts.

In the offline world, you can reduce the possibility of identity theft and fraud by sending bill payments from public mailboxes rather than from the mailbox in front of your house and collecting your mail promptly, shredding documents that contain account numbers and other personal information when they’re no longer needed and not carrying your Social Security cardaround with you.

But when businesses have your data, you can’t control how well it‘s safeguarded. There are some simple steps that you can take, however, to make it harder for fraudsters to use your personal information if they get ahold of it.

• Create separate passwords for your most sensitive accounts. Sure, it’s convenient to use the same password for everything. Crooks know that, so if they get your password for one account, they’ll try it to log into accounts on other websites. Any account that has your financial information, Social Security number or other sensitive data should have a unique, strong password to keep would-be intruders guessing.
• Beef up your authentication. If your username, which is often your email address, and a password is all it takes to access your accounts, your defenses are relatively weak. Two-factor authentication – your password plus something that only you have, such as a one-time code that is sent to you as part of the login process – provides much stronger protection.
• Freeze your credit file. This prevents identity thieves from opening new credit accounts in your name because the lenders won’t be able to access your credit record. Since some landlords and employers also check applicants’ credit records, freezes can also stop fraudulent attempts to get jobs or rent apartments using your identity. Contact the three major credit reporting agencies – Equifax, Experian, and TransUnion – to request a security freeze. You can lift the freeze anytime you need to and reset it. In some situations you may be able to do this for free; otherwise, there will be a small fee.

Investing in smart home technology is more than just a cool party trick, it can also help you save money and energy.

1. SET SCHEDULES WITH A SMART THERMOSTAT

Your heating and cooling system can be a big contributor to your electricity bill. One of the easiest ways to save money and cut down this cost is to install a programmable thermostat. WiFi thermostats, for example, the ecobee4, allow you to save energy and change the temperature or schedule your thermostat from anywhere. You can create schedules, set reminders/alerts, make sure the temperature is turned off when you’re away from home, and more. When used effectively, smart thermostats may generate noticeable savings every month.

Shop all smart thermostats that work with Alexa

2. SWAP OUT INCANDESCENT LIGHT BULBS

Did you know that incandescent light bulbs can give off more energy in the form of heat rather than light? Because of this, the extra heat coming from your light bulbs could be making your home warmer, causing you to use more energy to cool it down. Simply changing your light bulb to CFL or LED lights can help you save money on your electricity bill. You can also reduce energy usage by swapping out your light switches with dimmers, timers, motion detectors and smart switches. Set timers and presence detection around your home to make sure your lights are turned off when you’re not at home. Connect your smart lights with your Echo device and simply say, “Alexa, trigger I’m leaving” to have all of your lights turn off at once.

Shop all smart lighting that works with Alexa

3. MONITOR ENERGY USAGE

Ever look at your electricity bill and wonder where all of that electricity is going? Take out the guesswork by using smart plugs to help you monitor which appliances in your home may be using the most energy. Many appliances, like home entertainment systems, may be consuming energy even when you’re not using them. Connecting these to a smart plug can help you track how much energy these appliances are using through an app on your smart phone. You can also set up timers to automatically turn these off when they are not in use to help you save more money on your electricity bill.

Shop all smart plugs that work with Alexa

Maybe you know someone you’d like to encourage to be more security-conscious. Or perhaps a friend or family member is already concerned about their own privacy. They’ve already got tin foil (albeit for the turkey, not to use as a hat), so what else should you get for them? We have a few suggestions.

1. RFID Wallet

Due to concerns over security, you can turn down the offer of contactless payment on debit and credit cards. Nonetheless, fewer people are using their PINs anymore.

Criminals can take payment from contactless cards. Indeed, warnings are occasionally issued on social media about thieves preying on users of packed trains and the subway. You can do something about it, however. Radio Frequency Identification (RFID) wallets block the wireless signals interacting between a card terminal and the card.

2. Nest Indoor Security Cam

Internet Protocol (IP) Cameras are all about peace of mind. They can be used for security reasons or as baby monitors. These are digital video recording devices that generally connect to your smartphone or device to offer 24/7 surveillance. Some allow you extra remote control and will further track smart home accessories

The Nest Cam Indoor security camera is designed to help you look after your home and family – even when you’re away. With 24/7 live streaming, a versatile magnetic stand, person alerts with Nest Aware and one app for all your Nest products, Nest Cam Indoor helps you keep an eye on what matters. From anywhere.

3. WALI Dummy CCTV

Not too sure whether your family member of friend will like a camera keeping score of proceedings all the time? Opt for a fake CCTV system instead!

Dummy cameras are a deterrent to your average criminal. They won’t be keen to have their mugshots taken. Even if some suspect they’re fake, they’ll have to risk getting up close to check it out for sure.

You can typically rely on WALI’s products, and this four-pack of dummy cameras is a substantial present that’s a surprisingly good price. They’ll certainly come in handy around most homes, and because they’ve got a flashing LED, they look real.

4. Litom Solar Lights

Solar lights are fantastic: not only are you utilizing the sun’s power but you’re also improving safety and security. They come in a vast array of variations, and are available everywhere, but for Christmas, we recommend a motion detector solar light.

These simply light up an area whenever something moves within its radius. Intruders are instantly spotlighted, and homeowners are alerted that there’s someone on their property. If whoever you’re buying for has a pond or swimming pool, lights are vital to make sure no one has an accident at night.

Litom’s a solid make. These are deceptively small considering the amount of light they give off. They’re cheap too, but if the recipient places them strategically at a doorway or garage, effective enough to deter would-be criminals.

5. Shredder

Everybody needs a shredder. No, more than that — everybody needs a cross-cut shredder. Cross-cut shredders cut pieces diagonally, rendering anything you put in virtually unreadable. In this age of hacking and ransomware, you shouldn’t underestimate the importance of a good old shredder. Because plenty of important things need cutting up.

Credit card slots are ideal, but some further chop up CDs — more infrequently used, of course, but this is a present to last! Typically, the finer a shredder will cut, the better. Also consider measurements: will this be used in a workplace environment or be kept at home, and how does this affect the size you’re considering?

6. VPN Router

This could be the priciest item on the list, so you’ll want to save it for someone especially dear to you, or as a family gift. But as ever, it depends on which model you go for.

It’ll also require a lot of research. Virtual private networks (VPN) afford a solid level of security by encrypting data sent between a computer and a website. Anyone who can intercept details sent on that connection cannot read it anyway. There are many VPN services available, including for free via the Opera browser

VPN routers give a whole household a high level of security. No need for individual installation on each device. Anything connecting to this router will use encryption. The receiver just needs to set it up and then everyone can browse the internet, hassle-free… in theory.

Shop around. Roqos is a dependable brand, and yet cheaper makes might also catch your eye. Shopping for routers should be a rare occurrence, so ask yourself whether it’s worth spending a bit more to achieve some longevity. And of course, are the recipients worth it?

Follow these five guidelines to keep your organization's data protected.

Consider that the average cost of a single data breach is $3.62 million. On top of this, data breach incidents reportedly cause 65% of individuals to lose trustin the organization experiencing it. This loss of customer trust may take years to recover, if it even can do that at all.

1. Understand what constitutes a data breach. A data breach is an incident in which sensitive, protected, or confidential personal data potentially has been viewed, stolen, or used by an individual unauthorized to do so. This can include sensitive information discussed in a doctor's office, viewed on someone's laptop screen, hacked from a computer, or perhaps left on the printer. It could involve thousands of records, or just one. Depending on the regulation, it could involve identifiers, such as a name or identification number. Or it could be images of individuals, in photos or videos. It also could be data revealing racial or ethnic origin, political opinions, religion, trade-union membership, genetic data, health information, personal preferences, and so on.

2. Be aware of your surroundings. Workers should be trained to always be aware of their surroundings. Employees frequently use mobile devices to access and share data, often in full view of others. There's increased risk of data exposure inside the office too. Open-office floor plans remove physical barriers that in the past helped shield computer screens. Those who work in public spaces and in heavy-traffic areas like emergency departments, public lobbies, government offices, and guest-service desks should know to look for suspicious behaviors, such as identifying a visitor who is pointing a smartphone toward a computer screen.

3. Deploy layers of protection to avoid breaches. Add layers of protection as part of a defense-in-depth security approach. This often involves perimeter technologies, such as firewalls, data encryption, and two-factor authentication. Using privacy filters can help protect sensitive data displayed on computer and device screens by blocking unauthorized side views. Other important protection measures include implementing clean-desk policies, using password-protected screensavers, and requiring that sensitive information be printed and stored in locked areas, and then finely shredded when disposed. Regular assessments can help identify vulnerabilities in these areas, as well as other gaps, such as poorly trained employees.

4. Collect only what you need. In the spirit of improving the buying experience, many organizations are collecting an increasing amount of personal information about their customers. They are asking for birthdays, ages of children, etc. Collecting this level of information requires organizations to be aware of privacy laws, such as the GDPR, that are very stringent in how personal information is used. As a best practice, organizations should proactively identify and collect only the personal information necessary for their intended purposes, for a period strictly necessary (minimization principle), and they should ensure that personal data will not be made accessible to an indefinite number of people.

5. Be ready to respond quickly. Have a documented breach response plan that details roles, responsibilities, and processes. Schedule regular training exercises to help ensure your organization's incident response and breach notification policies and plans will work. Conduct tests to see if employees know who to alert if their device is compromised or they become aware of a data breach. Make sure you have the forensics in place so you can quickly communicate what happened and what the company is going to do about it.

Together, these five tips can help safeguard data privacy, build customer trust, and protect your company's brand.

Keylogger found in HP Notebook models

Earlier this year, it was reported how the audio driver pre-installed on several Hewlett-Packard (HP) laptops contained a built-in keylogger code that recorded all of a user’s keystrokes and stored the information such as usernames and passwords, personal information in a human-readable file. In order to rectify this, HP then rolled out patches to remove the keylogger, which also deleted the log file containing the keystrokes.

Now, a security researcher named ‘ZwClose’ has claimed of discovering similar built-in keylogger issue in several HP laptops that allows hackers to record every keystroke of the user and steal sensitive data, including passwords, account information, and credit card details.

More than 460 HP Notebook models were reported to have been exposed for exploit to hackers due to the keylogger found present in the SynTP.sys file, which is a part of the Synaptics Touchpad driver that ships with some HP notebook models.

Even though the keylogger component is disabled by default, it could be enabled “by setting a registry value” by utilizing open source tools available for evading User Account Control (UAC).

Given below is the location of the registry key:

HKLM\Software\Synaptics\%ProductName%

HKLM\Software\Synaptics\%ProductName%\Default

HP was notified regarding the presence of keylogger component by the researcher last month, which was confirmed by the company who said that it was basically “a debug trace” that was left unintentionally and has now been removed.

In its advisory, HP called the keylogger as a potential, local loss of confidentiality. “A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impact all Synaptics OEM partners.

“A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.”

The company has released a Driver update to remove debugging code for all the affected HP Notebook models. Click here to see the entire list of affected HP laptops and their patches.

ZwClose also published a technical analysis of the SynTP.sys file and the keylogger code for security researchers and software developers.