The Times Herald (Norristown, PA)
A refresher on cyber security
Remember how freaked out we all were nine months ago after the Equifax data breach?
It’s easy to forget. When a news event flares up, we pay attention and then as the issue recedes, we can get a bit complacent. That’s why the recently enacted European Union General Data Protection Regulation gives us a perfect excuse for a refresher on cyber security and privacy.
You likely received a slew of emails at the end of May - those had to do with GDPR, a new regulation that was meant to give EU citizens more control over the data that’s collected by online services. But given that most big U.S. companies do business in the EU and do not want to maintain separate policies globally, the new rules will likely affect U.S. consumers as well.
GDPR requires companies to be more explicit about how your personal data is used and imposes penalties on companies that are not in compliance with it. One interesting aspect of the rule is that it provides European consumers with the “right to be forgotten,” which means that an EU resident can tell a company to stop sharing her data with third parties and also gives her the “right to erasure,” which means that she can essentially say, “I am dead to you; quit using my data and erase me from your files.”
Just to be clear: This is what a European consumer can do, but, according to Linda Sherry, director of national priorities at Consumer Action, “As global firms adapt to the EU’s data protection law, we’re hopeful that all consumers will benefit from stricter data security and gain a reasonable measure of control over their personal information that so many others prosper from the EU’s strong regulation.”
But it’s still on you to take privacy seriously and to guard your information. I have offered some of these tips in previous columns, but I have added a few new ones from the National Cyber Security Alliance:
Update and conduct regular backups on your systems.
Don’t click on links willy-nilly. Even if you think you know the sender, be cautious about clicking on email links. When in doubt, delete it.
Protect your Password. Change logins and passwords monthly, use password generators and sign up for two-factor authentication.
Beware of over-sharing on social media and do not assume that messaging services are secure.
Refrain from providing businesses with your Social Security number simply because they ask for it. (Medicare recipients should be careful, because SSNs are still on many cards. New cards without your most precious identifier have started to be mailed as of April, but the process won’t be completed until April 2019.)
Don’t provide personal information over the phone, through snail mail or via the internet unless you have initiated the contact or you know with whom you are dealing.
Shop carefully. Don’t send financial information on unsecured wireless networks and when making purchases, use a credit card, which has more fraud protections under federal law than debit cards or online payment services.
Review credit card statements. Before you pay, make sure that there are no fraudulent charges. While you’re at it, enroll in a credit card notification program, where the bank alerts you to charges over a preset amount.
Review your (and your kid’s) credit report every 12 months at annualcreditreport.com. If you find an error, report it immediately and stay on top of the process. Jill Schlesinger, CFP, is a CBS News business analyst. She is a former options trader and CIO of an investment advisory firm and she welcomes comments and questions at askjill@ jillonmoney.com.