Search Results for: gdpr

The German state of Hesse has banned schools from using Microsoft Office 365 because it fears the software opens up student and teachers' private information to the risk of "potential access by US authorities".

The Hesse Commissioner for Data Protection and Freedom of Information (HBDI) believes that Office 365 is in contravention of GDPR legislation, and also expressed concerns about the collection of telemetry data by Windows 10.

Continue reading →

As data protection legislation tightens and breaches continue to make headlines, there is increased pressure on businesses to implement security by design in their applications.

For many this has meant a move to DevSecOps. We spoke with Rusty Carter, vice president of product management at application security specialist Arxan to find out why this approach is becoming essential.

Continue reading →

You may well have suspected it, but now Google has confirmed it -- contractors for the company are able to listen to what you say to Google Assistant.

The revelation came after recordings of people using the AI-powered digital assistant were leaked. Belgian broadcaster VRT News obtained a large number of Dutch language recordings and was able to hear highly personal information about users -- even if they had not used the "OK Google" trigger words.

Continue reading →

Identity specialist Ping identity is announcing an update to its PingOne for Customers IDaaS solution that means developers can now deliver passwordless and advanced multi-factor authentication from custom mobile applications.

Enhancements include a mobile SDK that allows development teams to send push notifications to custom mobile applications for MFA, APIs for logins via social media accounts, and support for single sign-on via Security Assertion Markup Language (SAML).

Continue reading →

With GDPR in effect and privacy regulations being planned in other parts of the world, many organizations are looking at their database management to ensure stored data is complaint and doesn’t threaten the business.

For Oracle users, Quest Software is launching its Toad for Oracle -- Sensitive Data Protection (SDP) Module. This allows database admins to to detect and receive notification of personally identifiable information (PII) data residing in databases, select encryption and redaction options immediately after detection, and perform ongoing monitoring

Continue reading →

Enterprise cloud adoption has largely been driven by developers eager to take advantage of its agility. These developers are often moving very quickly and are under pressure to bring new products to market that provide competitive advantages. The speed of development combined with a lack of cloud security expertise often results in engineers and developers bypassing certain security and compliance policies. The result is a chaotic, "Wild, Wild West" cloud environment.

Alongside innovative apps and services, a common byproduct of this "free for all" mentality is data breaches, thanks to misconfigurations and other security glitches. This article shares advice on how organizations can empower their developers and engineers by providing a safe framework within which to operate, so they can stay agile and innovative, without inadvertently compromising security.

Continue reading →

The combination of technology and mental health can often have negative connotations. There is plenty of media attention surrounding the negative impact the former can have on the latter. In fact, there is research identifying that social media and too much screen time can increase the risk of depression and anxiety, which can lead to hampered sleep and increased stress levels. A recipe for disaster?

Looking at the other side of the coin, technology can also work to improve mental health and stress levels. In recent years, technology has brought about hugely beneficial health apps like Headspace, Calm and Stop, Breathe & Think. This has provided people with a way to help manage their own mental health conditions on a daily basis, such as anxiety and depression. Businesses can also employ different technologies to help address workplace stress. Together, let’s take a deeper look at that below…

Continue reading →

Historically data has been stored in silos in order to deliver a quick solution. But in the longer term silos can slow down decision making, make modifying systems harder, and hinder compliance with regulations.

One of the ways to break down barriers between silos is to allow data to be freely shared between them and open source has a big part to play in this. We spoke to Mandy Chessell, distinguished engineer at IBM Cognitive Applications, and recently elected leader of the Technical Steering Committee of the ODPi, to learn more.

Continue reading →

Do you know how every company you interact with uses your private data? Consider this: In December 2018, The New York Times revealed that tech and marketing companies use seemingly innocuous apps to gain access to users’ locations -- sometimes up to 14,000 times each day.

For example, the Weather Channel app funneled users’ location data to an IBM subsidiary, while Reveal Mobile, a location-based marketing firm, harvested users’ location data from code planted in more than 500 other apps. It’s safe to say that most people trusted the Weather Channel app to make daily decisions about what to wear or whether to take an umbrella. After the news broke, however, the Weather Channel’s status as a trusted institution was less certain.

Continue reading →

According to the latest Data Breach Report from Risk Based Security the number of reported data breaches was up 56.4 percent in the first quarter of 2019 compared to the same period last year.

The increase in reporting could be a result of new legislation like GDPR that obliges businesses to be more open about security issues. The number of exposed records was also up by 28.9 percent. Already in 2019, there have been three breaches exposing 100 million or more records.

Continue reading →

The UK tax authority, HM Revenue and Customs (HMRC), has been forced to deleted voice recording of five million taxpayers. The recordings were made without consent, which the Information Commissioner's Office (ICO) said constituted a "significant" breach of data and privacy rules.

Before being allowed to access HMRC services, callers were required to repeat the phrase "My voice is my password". This recording was fed into the authority's biometric voice ID database, and violated GDPR rules.

Continue reading →

Now that technology is at the core of all business activities, IT finds itself evolving from having a supporting role to having a more central and crucial one. Even for startups, it's important to effectively define IT's place in the organization given the new realities created by the changing landscapes of technology and commerce.

Consider how dramatically this role has changed. Just over a decade ago, IT leaders were concerned with improving connectivity within the workplace and bringing their organizations online. More recently, they’ve had to worry about things like mobile tunneling, GDPR compliance and optimizing real-time business intelligence dashboards.

Continue reading →

The latest data risk report from security company Varonis reveals that 53 percent of companies have at least 1,000 sensitive files open to all employees, putting them at risk of data breaches.

Keeping old sensitive data that risks fines under HIPAA, GDPR and the upcoming CCPA is a problem too. The report finds over half of data is stale and 87 percent of companies have over 1,000 stale sensitive files, with 71 percent having over 5,000 stale sensitive files.

Continue reading →

More than half of data-driven initiatives are failing in business, with 27 percent of failures due to a skills shortage according to new research from analytic database company Exasol.

In the public sector, financial services and energy and utilities companies the failure rate rises to more than 60 percent. And in retail and financial services 40 percent blame skills shortages for failures.

Continue reading →

Nearly 40 percent of financial services businesses are failing to implement data initiatives due to a lack of skills, with almost a third saying that their GDPR initiatives are failing, according to a new study.

The report produced by Vanson Bourne for analytics database company Exasol is based on responses from 500 IT and business decision makers, from enterprises in Germany and the UK.

Continue reading →