Posts tagged ‘Security’

October 27, 2015

A Presentation on ICT for Lawyers

This post is a summary of a presentation I gave to a group of lawyers on ICT fundamentals. It represents my own opinion, and not that of my employers or anyone else! I apologies for it being so wordy – but a lot of material was covered.

My presentation walked through some fundamental concepts in ICT, some major trends that are shaping ICT, and how ICT organisations are evolving. The aim is to give a plain english summary to allow ICT lawyers to have sensible conversations about ICT to support the work that they do with ICT professionals. In my view ICT may be hard to do, but it is not hard to understand. At the end of each topic I will include my own personal view.

read more »

October 23, 2013

What Is the Difference Between Privacy and Security?

When talking with people about privacy and information security I often come across a common misconception – that there is nothing more to privacy than security, or that the two are roughly the same.  In particular this often comes up in discussions around the use of cloud services where people seem to think that if they address security issues with cloud services, then there is nothing more to do from a privacy perspective.

read more »

May 28, 2013

Some BYOD Technology Recommendations

This is the sixteenth post in my series on BYOD. In my last post on the subject I discussed a range of technologies that can be used to solve issues raised by BYOD. Here I’d like to give my broad recommendations around which of those technologies are most likely to solve the kinds of problems that are typically found in organisations that are looking to embrace BYOD.

read more »

April 16, 2013

Take A Better Look At Cloud Risks

If you have ever had a debate about whether your organisation should use cloud computing  then a discussion of the risks of cloud computing will have been a significant part of it. In doing so, we often fall into a simple logical trap.

read more »

April 11, 2013

What Are You Doing To Get Off XP?

In case you haven’t heard Microsoft is ending support for Windows XP and Office 2003 in April of 2014. What this means is that Microsoft will no longer patch security vulnerabilities discovered in XP or Office 2003, and therefore there will be security holes discovered that can be exploited by hackers which will never be fixed.  My personal opinion is that in practical terms within a few months users of XP will be wide open to exploits by hackers. Potentially, they will be able to steal your data or take control of your PC and there will be nothing you will be able to do about it! For most organisations this represents an unacceptable level of risk. If you haven’t already started your move off Windows XP, you should – immediately!

read more »

April 9, 2013

An Overview of Mobility and BYOD Technology

This is the fifteenth post in my series on BYOD. I have mostly avoided talking about technology, as in many ways that is the least important, and the most straightforward aspect of dealing with BYOD. Most people automatically think of Mobile Device Management (MDM) when they think of mobile or BYOD technology, but that is far from the only viable solution. Here I’ll outline the key technology solutions that are available to help you deliver usable and effective BYOD to your organisation.

read more »

February 10, 2013

Identity Standards: ISO 24760-1

I’m currently looking at international identity standards and thought that I might post some thoughts about them as I look at them. The first that I have looked at is ISO/IEC FDIS 24760-1:2011(E) “A framework for identity management – Part 1: Terminology and concepts”. This standard is supposed to define key terms for identity management and specify core concepts in identity and identity management. My view is that it should be avoided. The reasons for this are many: it is confused, it is unclear, and doesn’t use terms in the way that they are standardly used in the identity industry.

read more »

December 11, 2012

Poor Information Security Can Lead to Tragedy

What do Kate Middleton and, Apple and the Ministry of Social Development have in common? Poor information security leading to tragedies. They also show that information security has as much to do with culture as it does with technology.

read more »

December 4, 2012

More BYOD Myths

This is the thirteenth posting in my series on Bring Your Own Device (BYOD). In a recent post I looked at 5 myths about BYOD that I had come across a lot. Kenneth quite rightly pointed out that I had looked at only technology related myths, and challenged me to look at more business related ones, as he believed that they were just as important. He is quite right, though because of my day job I wasn’t running into as many of that kind of myth. He helpfully got me started with some suggestions in a comment on my BYOD myths post.

read more »

October 24, 2012

A Presentation for a Workshop on BYOD Policy

I recently ran a workshop on developing BYOD policies to a group of education sector ICT professionals. It was a great chance to socialise my ideas, thinking and recommendations and get some feedback from people who were actively working on and engaged with this subject. As part of the workshop I decided to organise my thoughts as a presentation, and decided to use Prezi as the way to present my thoughts to the group.

read more »