Sharing Our GDPR Journey

Posted by: Ed Macnair  /  17 July 2017 09:51:57 BST

The 25th of May 2018. For many, that date will have registered little interest when the first official draft of the EU General Data Protection Regulation was published back in 2012. 

The date, and what it would bring, was something to be aware of but too far away to interfere with other, more pressing concerns. Fast-forward to 2016, when the final draft was approved by the EU Parliament, and the speck on the horizon had grown to a more sizeable blob. There was a sudden shift in attitude and the date became a concern for all businesses in all sectors and of all sizes.

Read More

Topics: Compliance, GDPR

CensorNet and the statutory duty on radicalisation

Posted by: Ed Macnair  /  19 December 2016 11:05:11 GMT

The Department for Education’s statutory guidelines (“Keeping Children Safe in Education”) are now in force. For the first time the guidelines include the subject of the legal obligations on the school arising under the Counter Terrorism and Security Act 2015. On this subject the statutory guidelines are explicit:

Read More

Topics: Security, Compliance, Public Sector

“e-Safety Legal Obligations – The Fall of the Supremacy of Pedagogy”

Posted by: Dr. B. Bandey  /  19 December 2016 09:22:05 GMT

I have a proposition to make. My proposition is that it is not possible to train or educate pupils into not cyberbullying, not viewing pornography, not sexting and that the stance of many educators and education experts[1] that pedagogy is the best, the ‘supreme’ route to satisfy e-Safety legal obligations is, quite simply, wrong.

Read More

Topics: Compliance

Productivity vs Cyber Security? The big dilemma for Public Sector IT Chiefs.

Posted by: David Hald  /  29 April 2016 10:00:00 BST

If you’re a public sector IT professional, the chances are you’re more than a little worried about being hacked… if you haven’t been hacked already. Some recent research conducted by PWC showed that over 40% of public sector IT departments had admitted to a data breach, largely blamed on them being unable to keep pace with security trends, while at the same time coping with the digitization of government services. So why are public sector organizations such a hot target?

Read More

Topics: Security, Compliance, Productivity, Public Sector, Remote Access

Is Multi-Factor Authentication Your Get out of Regulatory Jail Card?

Posted by: David Hald  /  10 February 2016 11:00:00 GMT

Saying that regulatory pressure is over loading financial services IT departments is a bit like saying people don’t trust real estate agents – it’s stating the obvious. And it has gotten a whole lot worse since the global financial meltdown. As investment bankers played black jack with retail banking customers’ cash, the regulators had to put measures in place to protect consumers, their data and above all, their money.

Read More

Topics: Multi-factor Authentication, Security, Compliance, Finance

Do Weak Passwords Keep You Up at Night? Here is Why They Should…

Posted by: Torben Andersen  /  18 November 2015 11:00:00 GMT

Last month – as you’ve probably read - a group of hobbyist hackers announced they had cracked 11.2 million user passwords from the troubled dating website Ashley Madison. Adding insult to injury, the group, called Cynosure Prime went on to publish the top 100 passwords. Revealing themselves as technologically inept, as well as morally questionable, passwords included  “123456” in the top spot, followed by “12345” and “password.” I don’t think that even more obscure ones such as “secret” and “affair” would give your average hacker sleepless nights.

Read More

Topics: Multi-factor Authentication, Security, Compliance

How Token-free Authentication Improves User Compliance

Posted by: David Hald  /  20 March 2015 13:23:00 GMT

“My Dog Ate the Hardware Token”
Hardware tokens were once the gold standard in user authentication, but they have met with resistance all along. Many IT admins have reported that their users never really adopted the hard tokens. They are cumbersome to use and, being physical objects, employees have to carry around something extra. This approach is bound to fail, as employees will forget their hardware token from time to time or misplace it and need to have a new one sent to them. Excuses like “My dog ate my hardware token” might be funny at first, but the avalanche of calls to your IT department from frustrated employees who cannot log in will quickly become a pain for both IT and the other employees.
Read More

Topics: Multi-factor Authentication, Security, Token-free authentication, Compliance

All posts