Resource Tag: Compliance

Your consumers will reuse passwords, and those passwords will be exposed in a third-party data breach. 

As soon as reused passwords become available to cybercriminals, your consumers are at high risk of account takeover fraud, which can result in substantial losses for you and for your consumers.

By monitoring your consumers’ credentials and resetting exposed passwords, you can help prevent account takeover and reduce online fraud. However, the language you use to notify them that their passwords must be reset requires careful consideration. Informing affected users that their credentials have been exposed on the criminal underground can encourage them to choose strong, unique passwords and protect any other accounts that share the same login information. On the other hand, some consumers may wonder how you located their information on the ‘dark web’ in the first place and where it was exposed.

Download our best practices guide to learn:

• How to prompt users to change compromised passwords without introducing friction 
• Why you should take care to consider the right level of transparency for your organization
• What an effective consumer notification looks like

With information for companies evaluating SpyCloud

In 2018, the General Data Protection Regulation went into effect with the goal to ensure the protection of data for all EU citizens. The law pertains to businesses throughout the world that process data belonging to EU citizens.

We worked with our legal team to develop this whitepaper, which breaks down the GDPR into plain English, and provides insights on what it means for you — in particular as you evaluate account takeover prevention solutions that rely on personal data.

Download this whitepaper for:

• A brief history of EU data protection law
• A summary of the major changes introduced by the GDPR
• What the changes mean for your company if you process EU citizens’ data
• How you can use SpyCloud and stay within the law