October, 2017

article thumbnail

Briefing paper to Peers in advance of the Committee Stage of the Data Protection Bill in the House of Lords [30 October 2017]

Data Protector

Your Lordships This bill has been eagerly awaited by data protection professionals, whose careers depend on its successful passage. Please don’t worry too much that the bill is so very hard to understand. It's the Government’s way of ensuring that a select band of privacy professionals will be offered very significant salaries to decipher its contents and recommend ways of complying with the key provisions.

Paper 120
article thumbnail

Testing Security Keys

Imperial Violet

Last time I reviewed various security keys at a fairly superficial level: basic function, physical characteristics etc. This post considers lower-level behaviour. Security Keys implement the FIDO U2F spec , which borrows a lot from ISO 7816-4. Each possible transport (i.e. USB, NFC, or Bluetooth) has its own spec for how to encapsulate the U2F messages over that transport (e.g. here's the USB one ).

Security 113
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

9 Ways Uncontrolled Information Stands in the Way of Your Digital Transformation Plans

AIIM

Most organizations are on some sort of Digital Transformation journey. Everyone wants it. But what exactly is it? And how do you get there? How can you navigate the changes Digital Transformation brings while staying focused on business growth? How do you avoid disenfranchising employees and losing customers to more digitally savvy competitors? There are TONS of Digital Transformation conferences for C-Suiters.

article thumbnail

Why we need a 21st-century Martin Luther to challenge the church of tech

The Guardian Data Protection

It’s 500 years since Martin Luther defied the authority of the Catholic church. It’s time for a similar revolt against the hypocrisy of the religion of technology A new power is loose in the world. It is nowhere and yet it’s everywhere. It knows everything about us – our movements, our thoughts, our desires, our fears, our secrets, who our friends are, our financial status, even how well we sleep at night.

IT 111
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

What Would It Look Like If We Put Warnings on IoT Devices Like We Do Cigarette Packets?

Troy Hunt

A couple of years ago, I was heavily involved in analysing and reporting on the massive VTech hack , the one where millions of records were exposed including kids' names, genders, ages, photos and the relationship to parents' records which included their home address. Part of this data was collected via an IoT device called the InnoTab which is a wifi connected tablet designed for young kids; think Fisher Price designing an iPad. then totally screwing up the security.

IoT 111

More Trending

article thumbnail

The debate on the Data Protection Bill in the House of Lords

Data Protector

What follows below is an edited version of the debate in the House of Lords of the Second Reading of the Data Protection Bill, held on 10 October. Colleagues that prefer not to read the entire (46,709 word) transcript of the 5 hour debate will get an impression of the key interventions in this (16,000 word) summary: The Parliamentary Under-Secretary of State, Department for Digital, Culture, Media and Sport (Lord Ashton of Hyde) (Con) My Lords, I am delighted to be moving the Second Reading toda

GDPR 120
article thumbnail

Partner Spotlight: Q&A with Entrust Datacard

Thales Cloud Protection & Licensing

Inspired by National Cybersecurity Awareness Month (NCSAM), I kicked off our partner spotlight series earlier this month with one of our valued partners in the privileged account management space. In this piece we turn our attention to identity management and transaction security and we spotlight Entrust Datacard. The company is a provider of identity and secure transaction technologies that make business and personal experiences – such as making purchases, crossing borders, accessing e-governme

Cloud 91
article thumbnail

Guest Post - How important is digital document consistency?

AIIM

A repository containing documents that were digitized inconsistently or inaccurately presents a new set of problems for an organization, problems that can hinder the productivity gains they had hoped to achieve. Obviously digital document accuracy is particularly important for government and regulated industries. But any organization can benefit from a consistent and accurate document repository; it saves time and frustration for users when searching or retrieving documents.

article thumbnail

'All wifi networks' are vulnerable to hacking, security expert discovers

The Guardian Data Protection

WPA2 protocol used by vast majority of wifi connections has been broken by Belgian researchers, highlighting potential for internet traffic to be exposed The security protocol used to protect the vast majority of wifi connections has been broken, potentially exposing wireless internet traffic to malicious eavesdroppers and attacks, according to the researcher who discovered the weakness.

Security 112
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

The 6-Step "Happy Path" to HTTPS

Troy Hunt

It's finally time: it's time the pendulum swings further towards the "secure by default" end of the scale than what it ever has before. At least insofar as securing web traffic goes because as of this week's Chrome 62's launch, any website with an input box is now doing this when served over an insecure connection: It's not doing it immediately for everyone , but don't worry, it's coming very soon even if it hasn't yet arrived for you personally and it's going to take many people by surp

Security 106
article thumbnail

Project spotlight: Freeing up space at Banner Life Insurance Company

TAB OnRecord

If you could use your space to help generate revenue instead of storing files, would you? Of course you would. It’s often a space shortage that forces companies to take a hard look at how they store files—and most of them can realize significant efficiencies and free up square footage by rethinking that storage. Banner… Read More. The post Project spotlight: Freeing up space at Banner Life Insurance Company appeared first on TAB Records Management Blog | TAB OnRecord.

article thumbnail

Unmasking the ransomware kingpins

Elie

This blog post exposes the cybercriminal groups that dominate the ransomware underworld, and analyzes the reasons for their success. This is the third and final blog post of my series on ransomware economics. The first post was dedicated to the methodology and techniques developed to trace ransomware payments from end to end. The second post shed light on the inner workings of ransomsphere economics.

article thumbnail

CaboPress – A Business MasterMind (I Think)

PerezBox

For the past three years Chris Lema has invited me to join him at his event – CaboPress. For three years I have declined the request. I declined previously for. Read More. The post CaboPress – A Business MasterMind (I Think) appeared first on PerezBox.

89
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Rethinking the Intersection of People, Process and Technology

AIIM

Organizations have long struggled with the magic “triad” of people, processes and technology. This struggle has remained constant through multiple generations of technology – from paper to microfilm to imaging to document management to enterprise content management. In order to understand what is coming next for content management, we need a clear understanding of where we’ve been.

ECM 84
article thumbnail

Let’s take back control of our data – it’s too precious to leave to the tech giants | Ravi Naik

The Guardian Data Protection

Everything we do online leaves a trail. To hold power to account in the digital age, what is required is nothing less than a new civil rights movement “Your legal concepts of property, expression, identity, movement, and context do not apply to us.” Thus, in 1996, John Perry Barlow laid out his manifesto, the Declaration of the Independence of Cyberspace , in which he encapsulated a philosophy flowing through the heart of worldwide web.

IT 94
article thumbnail

Disqus Demonstrates How to Do Breach Disclosure Right

Troy Hunt

We all jumped on "the Equifax dumpster fire bandwagon" recently and pointed to all the things that went fundamentally wrong with their disclosure process. But it's equally important that we acknowledge exemplary handling of data breaches when they occur because that's behaviour that should be encouraged. Last week, someone reached out and shared a number of data breaches with me.

article thumbnail

How to manage inactive records collections

TAB OnRecord

Inactive records management is an important component of a complete RIM program. At some point, space limitations and growing record volumes force organizations to deal with documents that aren't used very often. The most common approach is to send inactive files to an offsite storage environment, which frees up room for business operations and for… Read More.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Can data governance create user satisfaction?

IBM Big Data Hub

Companies have a choice when it comes to their strategy for data governance. Aberdeen research shows that it can be onerous and bureaucratic, or it can be liberating and empowering.

article thumbnail

The Time is Right for Multi-Cloud Key Management

Thales Cloud Protection & Licensing

Multi-cloud use – It’s here in spades. One of the things we see every day at Thales is how the pace of change in organizations is pushing them to adapt and utilize cloud, big data, IoT and container technologies. Organizations are digitally transforming themselves at a fundamental level to address new markets, offer new services to existing customers and stay relevant in a rapidly changing world that is increasingly operating online.

Cloud 73
article thumbnail

NIST’s Digital Identity Guidelines Favor the User

Data Matters

With the continued rise of data breaches rooted in a compromise of user credentials, interest has continued to build in more secure form of digital identities for authentication. Supporting controls for federal agencies as well as innovation in the market, the National Institute of Standards and Technology (“NIST”) published its four-volume Digital Identity Guidelines earlier this year on June 22, 2017.

article thumbnail

UK spy agencies may be circumventing data-sharing law, tribunal told

The Guardian Data Protection

Challenge brought by Privacy International alleges MI5 and MI6 data-sharing regimes and legal oversight system are illegal MI5 and MI6 may be circumventing legal safeguards when they share bulk datasets with foreign intelligence services and commercial partners, a court has been told. Most of the bulk personal datasets relate to UK citizens who are not of “legitimate intelligence interest”, the investigatory powers tribunal (IPT) heard.

article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Gimmal Workplace Compliance Now Includes In-Place Policy Management

Gimmal

Today, we're excited to launch a new version of Gimmal Workplace Compliance ! Our flagship solution now includes new federated policy management features for high volumes of content – keeping information "in place" in the business system where it resides.

article thumbnail

Reader favorites October 2017: Our most popular RIM resources

TAB OnRecord

The most popular RIM resources this month cover several hot records management topics. Our free guide provides tips to save money with your records management program. Our popular white paper on records retention is a handy reference for every RIM professional designing a records management program. For records management environments that include paper and electronic… Read More.

article thumbnail

Three considerations for your unified data platform journey

IBM Big Data Hub

Although there are many new and emerging classes of data integration, quality and governance software tools available in the market, many large organizations are coming to the conclusion that they're best served by a single unified enterprise data integration, quality and governance platform that supports the entire enterprise. Here are three things to consider for a successful data journey.

article thumbnail

When Encryption Meets Flash Arrays

Thales Cloud Protection & Licensing

Cyberattacks continue to grow more sophisticated and persistent. To combat threats and keep data safe, IT teams must employ robust encryption, key management, and access controls. This is especially true for information held in storage environments, which can contain an organization’s most vital assets. To secure storage, many organizations have been leveraging native encryption offerings from their storage vendors.

article thumbnail

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

article thumbnail

Article 29 Working Party Publishes Draft Guidelines on Notification of Personal Data Breaches Notification Under the GDPR

Data Matters

On October 3, 2017, the Article 29 Working Party (“ WP29 ”) adopted draft guidelines regarding notification of personal data breaches under the EU’s General Data Protection Regulation (“ GDPR ”) which will require breach notification within 72 hours of awareness of a breach. (“ Draft Guidelines ”) (The Draft Guidelines appear to have been released for public comment during the week of 16th October).

article thumbnail

Kaspersky Lab denies involvement in Russian hack of NSA contractor

The Guardian Data Protection

Eugene Kaspersky, the founder of the Moscow-based cybersecurity firm, called allegations of role in government hack ‘like the script of a C movie’ Moscow-based cybersecurity firm Kaspersky Lab has hit back at a report in the Wall Street Journal which accused it of being involved in a Russian government hack of an NSA contractor in 2015. The paper reported on Thursday that the NSA contractor, a Vietnamese national who was working to create replacements for the hacking tools leaked by Edward Snowd

Paper 85
article thumbnail

AI, IG and what it all means: Our Interview with Reid Smith

Gimmal

Recently, Gimmal interviewed Reid Smith, co-founder and CEO at i2k Connect. The mission of i2k Connect is to revolutionize information discovery using its novel artificial intelligence (AI) technology, informed by industry knowledge, to transform unstructured documents into structured data.