2016

Post Brexit, what options are available for a GDPR-light Data Protection Act?

Data Protector

Let’s think the unthinkable. Lets assume that, post Brexit, the British Government has an opportunity to decide how its data protection legislation should reflect the requirements of an aspiring British economy. And let’s assume that the Minister with responsibility for Data Protection asks for options about trimming back those elements of the General Data Protection Regulation that are unduly burdensome and, in practice, actually do very little to safeguard fundamental human rights.

GDPR 131

Roughtime

Imperial Violet

Security protocols often assume an accurate, local clock (e.g. TLS, Kerberos, DNSSEC and more). It's a widely accepted assumption when designing protocols but, for a lot of people, it just isn't true. We find good evidence that at least 25% of all certificate errors in Chrome are due to a bad local clock. Even when the local clock is being synchronised, it's very likely to be using unauthenticated NTP.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Google Capitulates to Facebook’s Identity Machine: Is This Good News For The Open Web?

John Battelle's Searchblog

The post Google Capitulates to Facebook’s Identity Machine: Is This Good News For The Open Web? appeared first on John Battelle's Search Blog. Long time readers of this site know that once a year I make predictions, and revisit those I made the year before. But it’s not often I look back farther than one year to see if perhaps I was just a tad too early. It appears in the case of Google and personal data, I was.

IoT's moment of truth -- who can secure the data flows?

Collaboration 2.0

Innovative Internet of Things efforts need the maturity and experience of industrial internet service providers to secure data platforms and drive growth

IoT 82

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

Why can’t we be briefed like the President?

Attensa

It started with a simple question posed by a senior marketing exec during a staff meeting. B lindsided a couple of times in the course of a month by information related to market events that that should have known, the exec went on to ask: “If the President of the United States can get a daily briefing on the state of the world, why can’t we get one on our own company?” ” True story. That simple question led to a phone call to us and ultimately a simple solution.

More Trending

Fact Denial and the Record Under Threat

Brandeis Records Manager

George Despres, CRM. Program Director for University Records Management, Brandeis University. The content in this blog reflects the opinions of the author, and not of Brandeis University.). As if we don’t have enough challenges, controlling information today. Part of our culture, at least here in the U.S., has embraced the acceptance of non-truths and the repudiation of facts in the record. It has also embraced the pseudo-record and fake news.

Siri Lock Screen Bypass in news your non security friends read

Roger's Information Security

This morning I read an article on Good HouseKeeping (don’t make fun, it was a link on one of the news links that get pushed in your face on my start page. I think it was Bing. I hate the news links but like the pictures). It’s interesting to see what security items make it into websites for ‘normal’ people.

MDM 50

We Must Improve the HTTPS Message

PerezBox

HTTPS is as important today as it has ever been. If you are transferring sensitive data you should use HTTPS to encrypt data in transit, that is not up for. Read More. The post We Must Improve the HTTPS Message appeared first on PerezBox. Security Web And Information Security

Observations on DB2 for z/OS Address Space CPU Utilization

Robert's Db2

Have you ever looked at a DB2 Statistics Long report generated by your DB2 monitor? If so, you might have seen a section containing information about the CPU consumption of the various DB2 address spaces. It would look something like the example below, which reflects activity over a one-hour period of time (similar information might be available as well via an online display provided by your DB2 monitor).

IT 71

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

[0day] [exploit] Compromising a Linux desktop using. 6502 processor opcodes on the NES?!

Scary Beasts Security

Overview A vulnerability and a separate logic error exist in the gstreamer 0.10.x player for NSF music files. Combined, they allow for very reliable exploitation and the bypass of 64-bit ASLR, DEP, etc. The reliability is provided by the presence of a turing complete “scripting” inside a music player. NSF files are music files from the Nintendo Entertainment System. Curious? Read on. Demonstration, and affected distributions Here is a screenshot of the exploit triggering.

My (somewhat unreliable) data protection predictions for 2017

Data Protector

I’ve recently had a quiet year on the blogging front – my professional duties have prevented me from playing a more active role on the Internet during this year than I would have liked, but that is set to change in 2017.

GDPR 120

memcpy (and friends) with NULL pointers

Imperial Violet

The C standard (ISO/IEC 9899:2011) has a sane-seeming definition of memcpy (section 7.24.2.1): The memcpy function copies n characters from the object pointed to by s2 into the object pointed to by s1. Apart from a prohibition on passing overlapping objects, I think every C programmer understands that.

Predictions 2016: Apple, Tesla, Google, Medium, Adtech, Microsoft, IoT, and Business on a Mission

John Battelle's Searchblog

The post Predictions 2016: Apple, Tesla, Google, Medium, Adtech, Microsoft, IoT, and Business on a Mission appeared first on John Battelle's Search Blog. Twelve years of making predictions doesn’t make writing them any easier, regardless of my relatively good showing in 2015. In fact, I briefly considered taking the year off – who am I to make predictions anyway?

IoT 63

What E-Commerce Performance Metrics Are CTOs Monitoring?

In this eBook, Danny Miles, CTO of Dollar Shave Club, reveals an efficient framework for thinking about and prioritizing the performance metrics that matter most to him, providing a blueprint for fellow e-commerce CTOs to follow as they evaluate their own business.

HCL transcending US protectionism with clear alignment to client's global digital business needs & goals

Collaboration 2.0

HCL's 'Great Digital Leap Forward' will keep astute client partners ahead of US offshoring BPO political protectionism

70

European Parliament Calls on European Commission to Renegotiate Privacy Shield

Hunton Privacy

On May 26, 2016, the European Parliament approved a resolution calling for the European Commission to reopen negotiations with U.S. authorities on the EU-U.S. Privacy Shield (“Privacy Shield”), and to implement the recommendations of the Article 29 Working Party (“Working Party”) on the draft Privacy Shield adequacy decision.

How to Plan a Successful Information Management Solution Implementation

JKevinParker

At the 2016 Information Governance Conference , I presented on "How to Plan a Successful Information Management Solution Implementation". Get my slide deck from SlideShare. Related: Check out my Reflections on the 2016 InfoGovCon. Summary Start with information strategy, architecture, and governance. Recruit an executive champion and cross-departmental partners. Partner with your IT organization. Plan for continuous implementation and improvement. Plan for user adoption.

The Information Management Umbrella

Brandeis Records Manager

George Despres, CRM. Program Director for University Records Management, Brandeis University. The content in this blog reflects the opinions of the author, and not of Brandeis University.). A colleague at another university recently polled a listserv group of records managers in Higher Ed. The survey probed the records management programs’ locations within the organization. The last “extra credit” question was whether or not we would recommend our current organizational locations.

9 Developer Enablement Practices to Achieve DevOps at Enterprise Scale

In this eBook, Christian Oestreich, a senior software engineering leader with experience at multiple Fortune 500 companies, shares how a metrics-driven mindset can dramatically improve software quality and enable DevOps at enterprise scale.

Password Expiration

Roger's Information Security

FTC Chief Technologist Lorrie Cranor wrote in March it is time to reconsider mandatory password changes. Unless there is reason to believe a password has been compromised or shared, requiring regular password changes may actually do more harm than good in some cases. And even if a password has been compromised, changing the password may be ineffective, especially if other steps aren’t taken to correct security problems.). The prime reason given is users pick bad passwords.

Google Introduces new Repeat Offender Blacklist

PerezBox

On November 8th, 2016, Google introduced a new feature to Chrome that would blacklist repeat offenders. Once Safe Browsing has designated a site as a Repeat Offender, the webmaster will. Read More. The post Google Introduces new Repeat Offender Blacklist appeared first on PerezBox. Security Web And Information Security

The growing importance of dynamic pricing and rating in insurance

CGI

The growing importance of dynamic pricing and rating in insurance. shobana.lv@cgi.com. Fri, 11/11/2016 - 01:07. On June 20, 2016, CGI held a roundtable discussion on dynamic rating and pricing in the insurance industry that involved nearly all major Dutch insurers. The starting point of the evening was a presentation from a pricing executive at a large European retail company who shared his company’s journey to dynamic pricing.

CSRA and RFID Global awarded $25.5M US Army Passive RFID contract

RFID Global Solution, Inc.

GovConExec. Posted By: Jay Clemens on: December 20, 2016. CSRA ‘s SRA International subsidiary has been awarded a five-year, $25.5 million contract to provide a common, integrated radio frequency identification system to the U.S. The Defense Department said Monday that the Army will implement passive Radio Frequency Identification III technology to track, locate and identify commodities and assets.

IT 40

The Forrester Wave™: B2B Marketing Data Providers, Q2 2021

In our 24-criterion evaluation of B2B marketing data providers, we identified the 11 most significant vendors — Data Axle, Dun & Bradstreet, Enlyft, Global Database, InsideView, Leadspace, Oracle, SMARTe, Spiceworks Ziff Davis, TechTarget, and ZoomInfo Technologies — and researched, analyzed, and scored them. This report shows how each provider measures up and helps B2B marketing professionals select the right one for their needs.

Apollo – they can’t still be up to their old tricks?

Data Protector

Two years ago I blogged about an unsettling experience I had with Apollo, a firm that had confused me as to what they were really all about. Since then, I’ve had a number of emails from people who have had similar experiences. Today, I’m reprinting (most of) the most recent one – which comments about an organisation called Apollo-Transitions. Surely, this is not the same company as the Apollo company I had encountered?

IT 120

Cryptographic Agility

Imperial Violet

( These are notes that I wrote up from a talk that I gave at the National Academies Forum on Cyber Resilience. You can tell that it was in Washington, DC because of the “cyber”. I wasn't quite sure how technical to pitch this talk so it's relatively introductory; regular readers probably know all this. This isn't a transcript of what I said, but I try to hit the main points in my notes. ). Firstly I'd like to separate extensibility from agility.

IT 98

The NewCo-BigCo Shift or, These Nine Things Will Change Business Forever

John Battelle's Searchblog

The post The NewCo-BigCo Shift or, These Nine Things Will Change Business Forever appeared first on John Battelle's Search Blog. Addressing the crowd at Dollar Shave before interviewing CEO Michael Dubin during NewCo LA last November. cross posted from NewCo ). Thanks to NewCo , I’ve gotten out of the Bay Area bubble and visited more than a dozen major cities across several continents in the past year.

Return of the Business Value Suite Spot

Collaboration 2.0

Digital platforms that are fit for today's specific business purpose are essentially far more agile, open and flexible versions of the old proprietary enterprise suites

66

The Unexpected Cost of Data Copies

This paper will discuss why organizations frequently end up with multiple data copies and how a secure "no-copy" data strategy enabled by the Dremio data lake service can help reduce complexity, boost efficiency, and dramatically reduce costs.

Article 29 Working Party Releases GDPR Implementation Guidance and Announces Privacy Shield Developments

Hunton Privacy

On December 15, 2016, the Article 29 Working Party (“Working Party”) issued a press release announcing its December 13, 2016, adoption and release of three sets of guidelines and FAQs on key implementation issues under the EU General Data Protection Regulation (“GDPR”): Guidelines and FAQs on the Right to Data Portability; Guidelines and FAQs on Data Protection Officers (DPO); and. Guidelines and FAQs on the Lead Supervisory Authority.

Paper 59

My Latest Article Published at Today’s General Counsel

Getting Information Done

General Counsel Can Spur Legal Hold Success Check out my latest article which was published in the December/January 2017 digital edition of Today’s General Counsel titled: “General Counsel Can Spur Legal Hold Success” . I coauthored the article with Doug Deems, General Counsel, The Claro Group. One of the biggest challenges posed by legal holds is getting compliance by the employees who are subject to it.

Paper 40

The Strategic, the Tactical, and Agile Records Management

Brandeis Records Manager

George Despres, CRM. Program Director for University Records Management, Brandeis University. The content in this blog reflects the opinions of the author, and not of Brandeis University.). I’ve been asked in the past to provide budget estimates for five years into the future. My response is internal laughter, and tears.