If the above information seems far-fetched to you, believe me, corporate IT people in the vast majority take it very seriously. GDPR also helped . Let's look at a quote about what the data controller is responsible for:
"The controller is responsible for complying with the obligations imposed by the General Regulation. Compliance with the processing principles is absolutely essential, the fulfillment of which the controller must also be able to document. The basic prerequisite is the existence of a proper legal reason for processing personal data, which the controller must have in order to be able to process personal data at all (e.g., it processes personal data of customers under a contract concluded with them and for the satisfaction of this contract or within the framework of mandatory archiving). At the same time, it is necessary to sufficiently secure personal data. However, it goes without saying that other obligations set out in the General Regulation must also be fulfilled. Each controller should verify to what tunisia phone number list extent the General Regulation affects them, especially with regard to new obligations based on a risk-based approach (e.g., the obligation to appoint a representative, to assess the impact on personal data protection may apply)."
It is important to note that 2-factor authentication is considered sufficient security . A simple username and password is not.
Cybercrime costs more than COVID-19. Every year
In 2021, one business will fall victim to ransomware every 11 seconds
According to analyst estimates, 33 billion pieces of personal data will be stolen in 2023
In the USA alone, annual losses caused by identity theft are approximately 15 billion USD (based on the theft of personal data)
It takes an average of approximately 196 days for a company to discover that its personal data has been stolen
Where is it good to use 2FA?
Wherever an attacker can cause sensitive damage. Financial, economic, security, communication, reputational, personal relationships... Let's look at examples of where it is good to use 2FA today. These include personal email , work email , access to cloud storage , domain management , web hosting , website administration , critical shared documents , or communication tools or analytical services .
Personal email
Important! Your personal email is linked to your mobile phone login, or Google or Apple account . Furthermore, your personal email is a ticket to your social network and other services that do not handle 2FA and use your email as secondary verification, for example when you log in from a new IP address. Hacking your personal email is thus a multiple, almost ultimate victory over your online life and often over your personal one. What can an attacker gain?
all your contacts that you have stored in the cloud under your account
all your photos (including private and intimate ones), if you don't have them stored on a physical drive and rely on the cloud
access to social networks and other accounts
the ability to recover a lost password on all services associated with your email
all historical emails where you have stored valuable historical data – emails, contracts , confirmations , tickets, financial data
all internet domains that were registered to a personal account – often also corporate ones
accesses related to your clients' accounts, because on Facebook, for example, you have to add yourself to the client's Business Manager as a private person
a complete profile in Google Chrome – where there are crucial links to other services that can be stolen. And of course all the passwords for all services
everything that profile history offers – for Google, it's search history (including sensitive information), history of pages you've browsed (yes, even sensitive ones), places you've visited (via history on the map or your reviews).
at least in the case of the Czech Republic, your private key for electronic signature – because CzechPoint sends it to you by email. ) This key can be used to sign loans , for example , or to act under your identity in relation to the state administration.
You won't have much of a secret left, will you? If an attacker wants to have fun, they can complete the destruction and remotely wipe your phone. The above problems are worth the 5 minutes it takes to set up 2-factor, don't you think? If you have a Google account, go to myaccount.google.com/two-step-verification and set up 2-factor authentication right away.
- Board index
- All times are UTC
- Delete cookies
- Contact us