Edukasyon Online Your Online Education Portal

20% Tax on Teacher's allowance who will serve during the 2022 National Election

Novel phishing campaign highlights need for MFA, says Microsoft

Microsoft details a new multi-stage phishing campaign that only affects victims without multifactor authentication in place

A recently discovered multi-stage, large-scale phishing campaign first observed in APAC employs a novel technique that is only successful against organisations that do not have multifactor authentication (MFA) in place, according to Microsoft’s security team.

In a newly published disclosure, Microsoft revealed how the campaign targeted victims in Australia, Indonesia, Singapore and Thailand, first through the fairly standard practice of stealing credentials – in this instance via a fake DocuSign phish that directed them to a spoofed Office 365 login.

Read more: Novel phishing campaign highlights need for MFA, says Microsoft

STEP-BY-STEP PROCEDURE ON HOW TO CREATE YOUR 8 SLIDES POWERPOINT PRESENTATION

STEP-BY-STEP PROCEDURE ON HOW TO CREATE YOUR 8 SLIDES POWERPOINT PRESENTATION

SLIDE N0. 1:  (Open the PowerPoint window)

1. In the Ribbon above, click New Slide 7 times to make at least 8 Blank Slides
2. Now you have at least 8 Slides, click Slide No. 1 to begin working with the slides
3. In the Click to add title of the slide window, type: “CREATING MY FIRST POWERPOINT PRESENTATION”. That will be the title of our presentation.
4. In the Click to add subtitle, type: by: and “YOUR NAME”
5. Now let us apply Animation to our Slide Title. On the Ribbon above, click the Animation Tab.
6. Then click Custom Animation Tab.
7. Click anywhere in the title so that the rectangular textbox appears and click Add Effect.
8. Under Add Effect, Place the Mouse Pointer to Entrance and select Crawl In.
9. Now change the Speed of our animation to Slow. Click dropdown arrow and select Slow.
10. Let us apply Animation also to our Subtitle, click anywhere in the subtitle below so that the rectangular textbox appears then click Add Effects.
11. Under Add Effect, Place the Mouse Pointer to Entrance and select Bounce.
12. Change the Speed of our animation to Medium. Click dropdown arrow and select
13. Now, Click the Play button below to watch the result.

SLIDE NO. 2:

1. Let’s move on to the second slide. Click Slide No. 2.
2. In the Click to add title above, type: WHAT IS MICROSOFT POWERPOINT.
3. Click anywhere in this box ‘Click to add text’.
4. Then, copy the following text given in the Click to add text box.
5. Now let us apply Animation to the text that we have typed. In the Ribbon, click Custom Animation. The Add Effect Button should appear on the left of your screen.
6. Now, highlight all the text that you have typed.
7. Click Add Effect and under Add Effect, Place the Mouse Pointer to Entrance and select Color Typewriter.
8. Now, Click the Play button below to watch the result.

SLIDE NO. 3:

1. Now let’s move on to the 3^rd Click Slide No. 3.
2. In the Click to add title, type: EXERCISE NO. 1
3. In the Click to add text, we are going to insert Objects or Documents.
4. In the Ribbon above, click the Insert Tab, then, click Object in the far right of the ribbon.
5. An Insert Object Window appears, click Create from file Button.
6. Then click: Browse.
7. Find your Filename, click to highlight and click
8. Click Exercise -1 to highlight then Click
9. The Insert Object window appear, click OK to insert the selected Object.
10. Now let us apply Animation to our slide. Click anywhere in the inserted object so that the rectangular textbox appears and click Add Effect.
11. Under Add Effect, Place the Mouse Pointer to Entrance and select Bounce.
12. Replace Speed to Medium, click dropdown arrow and select
13. Now, Click the Play button below to watch the result.

SLIDE NO. 4:

1. Now let’s move on to the 4th slide. Click Slide No. 4
2. In the Ribbon, click the Home Tab then click
3. A selection of Slide Layout appears then, select Title Only.
4. In the Click to add title above, type: EXERCISE NO. 2
5. In the Click to add text, we are going to insert Objects or Documents.
6. In the Ribbon, click the Insert Tab then, click the
7. An Insert Object Window appears, click Create form file
8. Then click:
9. Find your Filename, click to highlight and click
10. Click Exercise -2 to highlight then Click OK
11. The Insert Object window appear, click OK to insert the selected Object.
12. Try to resize and align the Object to get a better view.
13. Now let us apply Animation to the inserted object. Click anywhere in the inserted object so that the rectangular textbox appears and click Add Effect.
14. Under Add Effect, Place the Mouse Pointer to Entrance and select
15. Replace Speed from Medium, click dropdown arrow and select
16. Now, Click the Play button below to watch the result.

SLIDE NO. 5:

1. Now let’s move on to the 4th slide. Click Slide No. 5
2. In the Ribbon, click the Home Tab, and then,
3. A selection of Slide Layout appears: select, Two Content.
4. In the Click to add title, type: THE INTERNET
5. Click anywhere in the first column then copy the text given in the Click to add text

6. In the second column, we are going to insert Clip Art.
7. A selection of Content Icons appears at the center of the second column.
8. Click anywhere in this second column. Now in the selection of Content Icons below, click Clip Art.
9. A Search Bar for clip arts appears on the far left of the screen. Type: computers then, click
10. A selections of Computer Clip Arts appears, scroll the bar to select the best computer clip art for our presentation.
11. Select or Click Communications Computer.
12. The selected Clip Art appears at the center of the second column.
13. Click the picture then resize and align the picture.
14. Now let us apply animation to the inserted object, highlight all the text in the first column then click Add Effect.
15. Under Add Effect, Place the Mouse Pointer to Entrance and select Color Typewriter.
16. Let us apply animation also to the inserted Media Clip or Picture, click anywhere in the picture so that the circular resizing points appears then click Add Effect.
17. Under Add Effect, Place the Mouse Pointer to Entrance and select
18. Replace Speed from Very Fast to Medium, click dropdown arrow and select
19. Now, Click the Play button below to watch the result.

SLIDE NO. 6

1. Now let’s move on to the 6th slide. Click Slide No. 6
2. In the ribbon above, click
3. A selection of Slide Layout appears then, select Title Only.
4. In this Slide (No. 6), we are going to insert Picture from your file. In the Click to add title, type: SAMPLE PICTURE.
5. In the ribbon above, click Then click: Picture.
6. My Picture folder appears, select any picture available from the picture file then click: Insert tab below.
7. The picture is inserted in your slide. Now using your Mouse, make necessary adjustment by resizing the inserted picture.
8. Identify the picture by placing a Text Box anywhere in the picture.
9. In the textbox type the name of the picture or where the picture was taken
10. Move the textbox anywhere inside the picture where you want the text to be placed.
11. Now let us apply Animation to the Sample Picture.
12. Click anywhere in the inserted picture so that the Resizing Points appears and click Add Effect.
13. Under Add Effect, Place the Mouse Pointer to Entrance and select
14. Change the Speed of our animation from Very Fast to Medium. Click dropdown arrow and select
15. Click the Play button below to watch the result.

SLIDE NO. 7:

1. Now let’s move on to the 7th slide. Click Slide No. 7
2. In the ribbon above click,
3. A selection of Slide Layout appears then, select Title Only.
4. In the Click to add title of the slide window, type:
5. Below the title, we are going to insert another clip art to animate.
6. In the Search Bar of the far left task pane search for Clip Arts, Type: airplane then, click Go.
7. A selection of Airplanes appears below the Search Bar, select one.
8. The clip art appears at the center, Re-size the clip art.
9. Now in the Custom Animation, Click Add Effect.
10. A selection of Effects appears below, place the Mouse pointer to Motion Paths to highlight, then Under Motion Paths, place the Mouse Pointer to Draw Custom Paths and click Scribble.
11. The mouse pointer was replaced with a Now drag the pencil to draw a path for the plane.
12. Change the Speed to
13. Click Play button below to watch the movement.

SLIDE NO. 8:

1. Now click our final Slide (No. 8), we are going to insert Organization Chart – Design your own Organization Chart
2. In the Click to add title, type: ORGANIZATIONAL CHART
3. In the ribbon, click Smart Art.
4. select: Hierarchy
5. Under Hierarchy, Select Organization Chart. Then, click
6. Create your own Organizational Chart or insert previously created Organizational Chart from your file.

7. After completing the Organizational Chart, we are now going to apply a Slide Design for all the slides.
8. Click Slide No. 1, then in the ribbon click Design
9. Different Design Templates now appear in the Ribbon.
10. Click the arrow down in the right corner to show all Themes and select one among the choices.
11. Now you have 8 Slides with different designs
12. Next, we are now going to apply Slide Transitions in our slides. Click Slide No. 1 and in the Menu Bar, click
13. A selection of Slide Transitions appears in the Ribbon. Click Arrow Down in the corner of the Slide Transition Tabs to reveal all the selections and select any of your choice.
14. Then click Apply to All Tab.
15. Now, after applying your selected Design Templates and Slide Transition, click the Slide Show Icon below to watch your presentation.
16. Finally, we are now going to save your presentation, In the Ribbon above, click the Office Button. Place mouse pointer to Select Save as…Click PowerPoint Presentation look for your Filename to Open, replace title with “My first PowerPoint Presentation” and click

End …….

Philippines Data Privacy Act of 2012: What I need to know

Filipinos spend an average of 10 hours and 2 minutes each day online, the highest in the world, according to recent data. The Philippines also tops social media use for the fourth straight year. Vast amounts of personal information from the Philippines, including photos of daily activities, are freely circulating the Web. 

What has the country done to ensure privacy and data protection?

In 2012 the Philippines passed the Data Privacy Act 2012, comprehensive and strict privacy legislation “to protect the fundamental human right of privacy, of communication while ensuring free flow of information to promote innovation and growth.” (Republic Act. No. 10173, Ch. 1, Sec. 2). This comprehensive privacy law also established a National Privacy Commission that enforces and oversees it and is endowed with rulemaking power. On September 9, 2016, the final implementing rules and regulations came into force, adding specificity to the Privacy Act.

Scope and Application

The DPA and its Implementing Rules and Regulations (IRR) apply to all acts done or practices engaged in and outside of the Philippines if:

• If the person, either an individual or an institution, involved in the processing of personal data is located in the Philippines;
• The act or practice involves personal data of a Philippine citizen or Philippine resident;
• The processing of personal data is done in the Philippines; or
• The act, practice or processing of personal data is done by an entity with links to the Philippines, subject to international law and comity.

“Personal data” refers to all types of personal information.

“Processing” is any operation/s performed upon personal data. These operations include, but are not limited to the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure, or destruction of data.

The Data Privacy Act is broadly applicable to individuals and legal entities that process personal information, with some exceptions. The law has extraterritorial application, applying not only to businesses with offices in the Philippines, but when equipment based in the Philippines is used for processing. The act further applies to the processing of the personal information of Philippines citizens regardless of where they reside.

One exception in the act provides that the law does not apply to the processing of personal information in the Philippines that was lawfully collected from residents of foreign jurisdictions — an exception helpful for Philippines companies that offer cloud services.

How to comply with the Data Privacy Act?

Approach

The Philippines law takes the approach that “The processing of personal data shall be allowed subject to adherence to the principles of transparency, legitimate purpose, and proportionality.”

Collection, processing, and consent

The act states that the collection of personal data “must be a declared, specified, and legitimate purpose” and further provides that consent is required prior to the collection of all personal data. It requires that when obtaining consent, the data subject be informed about the extent and purpose of processing, and it specifically mentions the “automated processing of his or her personal data for profiling, or processing for direct marketing, and data sharing.” Consent is further required for sharing information with affiliates or even mother companies.

Consent must be “freely given, specific, informed,” and the definition further requires that consent to collection and processing be evidenced by recorded means. However, processing does not always require consent.

Consent is not required for processing where the data subject is party to a contractual agreement, for purposes of fulfilling that contract. The exceptions of compliance with a legal obligation upon the data controller, protection of the vital interests of the data subject, and response to a national emergency are also available.

An exception to consent is allowed where processing is necessary to pursue the legitimate interests of the data controller, except where overridden by the fundamental rights and freedoms of the data subject.

Required agreements

The law requires that when sharing data, the sharing be covered by an agreement that provides adequate safeguards for the rights of data subjects, and that these agreements are subject to review by the National Privacy Commission.

Sensitive Personal and Privileged Information

The law defines sensitive personal information as being:

• About an individual’s race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations;
• About an individual’s health, education, genetic or sexual life of a person, or to any proceeding or any offense committed or alleged to have committed;
• Issued by government agencies “peculiar” (unique) to an individual, such as social security number;
• Marked as classified by executive order or act of Congress.

All processing of sensitive and personal information is prohibited except in certain circumstances. The exceptions are:

• Consent of the data subject;
• Pursuant to law that does not require consent;
• Necessity to protect life and health of a person;
• Necessity for medical treatment;
• Necessity to protect the lawful rights of data subjects in court proceedings, legal proceedings, or regulation.

Surveillance

Interestingly, the Philippines law states that the country’s Human Security Act of 2007 (a major anti-terrorism law that enables surveillance) must comply with the Privacy Act.

Privacy program required

The law requires that any entity involved in data processing and subject to the act must develop, implement and review procedures for the collection of personal data, obtaining consent, limiting processing to defined purposes, access management, providing recourse to data subjects, and appropriate data retention policies. These requirements necessitate the creation of a privacy program. Requirements for technical security safeguards in the act also mandate that an entity have a security program.

Data subjects' rights

The law enumerates rights that are familiar to privacy professionals as related to the principles of notice, choice, access, accuracy and integrity of data.

The Philippines law appears to contain a “right to be forgotten” in the form of a right to erasure or blocking, where the data subject may order the removal of his or her personal data from the filing system of the data controller. Exercising this right requires “substantial proof,” the burden of producing which is placed on the data subject. This right is expressly limited by the fact that continued publication may be justified by constitutional rights to freedom of speech, expression and other rights.

Notably, the law provides a private right of action for damages for inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of personal data.

A right to data portability is also provided.

Mandatory personal information breach notification

The law defines “security incident” and “personal data breach” ensuring that the two are not confused. A “security incident” is an event or occurrence that affects or tends to affect data protection, or may compromise availability, integrity or confidentiality. This definition includes incidents that would result in a personal breach, if not for safeguards that have been put in place.

A “personal data breach,” on the other hand, is a subset of a security breach that actually leads to “accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.

Requirement to notify 

The law further provides that not all “personal data breaches” require notification., which provides several bases for not notifying data subjects or the data protection authority. Section 38 of the IRRs provides the requirements of breach notification:

• The breached information must be sensitive personal information, or information that could be used for identity fraud, and
• There is a reasonable belief that unauthorized acquisition has occurred, and
• The risk to the data subject is real, and
• The potential harm is serious.

The law provides that the Commission may determine that notification to data subjects is unwarranted after taking into account the entity’s compliance with the Privacy Act, and whether the acquisition was in good faith.

Notification timeline and recipients

The law places a concurrent obligation to notify the National Privacy Commission as well as affected data subjects within 72 hours of knowledge of, or reasonable belief by the data controller of, a personal data breach that requires notification.

It is unclear at present whether the commission would allow a delay in notification of data subjects to allow the commission to determine whether a notification is unwarranted. By the law, this would appear to be a gamble.

Notification contents

The contents of the notification must at least:

• Describe the nature of the breach; 
• The personal data possibly involved;
• The measures taken by the entity to address the breach;
• The measures take to reduce the harm or negative consequence of the breach;
• The representatives of the personal information controller, including their contact details;
• Any assistance to be provided to the affected data subjects.

Penalties

The law provides separate penalties for various violations, most of which also include imprisonment. Separate counts exist for unauthorized processing, processing for unauthorized purposes, negligent access, improper disposal, unauthorized access or intentional breach, concealment of breach involving sensitive personal information, unauthorized disclosure, and malicious disclosure.

Any combination or series of acts may cause the entity to be subject to imprisonment ranging from three to six years as well as a fine of approximately $20,000 to $100,000.

Notably, there is also the previously mentioned private right of action for damages, which would apply.

Penalties for failure to notify

Persons having knowledge of a security breach involving sensitive personal information and of the obligation to notify the commission of same, and who fail to do so, may be subject to penalty for concealment, including imprisonment for 1 1/2 to five years of imprisonment, and a fine of approximately $10,000 - $20,000.

Depending upon the circumstances additional violations might apply.

Who implements the Data Privacy Act?

The National Privacy Commission (NPC) is in charge of administering and implementing the DPA. It is also tasked to monitor and ensure compliance of the Philippines with international standards for personal data protection. The major functions of the NPC are as follows:

1. Rule making.
2. Advisory. The NPC is the advisory body on matters related to personal data protection.
3. Public education. – The NPC shall launch initiatives to educate the public about data privacy, data protection and fair information rights and responsibilities.
4. Compliance and monitoring. – The body has compliance and monitoring functions to ensure personal information controllers comply with the law. It is also tasked to manage the registration of personal data processing systems.
5. Complaints and investigations.
6. Enforcement.

“Personal information controller” is an individual or institution, or any other body who controls the processing of personal data, or instructs another to process personal data on its behalf.