For anyone who works in IT or compliance, you will be more than aware that the year 2018, has been seen more than its fair share of new regulations and updates to industry standards. This year alone we have seen the introduction or update of:

It seems that every IT-related conversation involves some element of cloud today. From cloud-hosted email, to cloud-hosted file storage and even cloud-based telephony through the use of centrally hosted VoIP services.

I am sure that we can all agree that cloud hosted software or SaaS (Software as a Service) is generally more cost effective, more convenient and easier to maintain. But in the back of our minds, there is always a concern about security; and whether or not submitting to the cloud means losing control.

It is both curious and comical to me how certain topics surrounding the GDPR (General Data Protection Regulation) seem to generate more buzz than others, whether they are correct or not. Such as the topic of consent being the only form of lawful processing, the overriding right to be forgotten in any circumstance and the belief that all forms of outbound marketing have been confined to history.

Hot on the heels of The GDPR (General Data Protection Regulation), yet enforced just fifteen days before, the directive on security of network and information systems (NIS) has been created to achieve a high, common level of network and information systems security across the European Union.

In the scramble of the final days leading up to the 25th of May 2018, Google crawl bots would have noticed universal updates taking place across the internet. Privacy policies for an unquantifiable number of organisations and companies were being adapted to fit the GDPR.

The 25th May 2018 has arrived and you as a data subject have been empowered with Europe's most ambitious and forward-thinking data protection regulation to date, the GDPR. As the ultimate steward of your personal data, you now have control over its use in most scenarios making data privacy a fundamental right. But what about instances where your personal data is available publicly? Is personal data fair game, once it is in the public domain?

By now you have probably learned that the processing of personal data does not always require an act of consent. Whilst much of the internet is obsessing over consent, re-consent and double opt-in consent, you have correctly discovered that it is not the only way to legally process personal data.

Marketing automation solutions have come along way in the past five years. Once used for mass emailing, now expanded to include an array of interactivity features such as blogs, landing pages and pop-ups, all to enrich the process of inbound marketing. But as the GDPR (General Data Protection Regulation) enforcement data looms nigh, how ready are the likes of MailChimp? and what do you need to know as their data controller?

With the GDPR (General Data Protection Regulation) getting all the headlines in the past two years, it is hard to garner any attention on anything else. Yet for good reason, the GDPR is widely focused and will for some challenge the way they take their offering to market. However, there have been developments, both legislative and not, in the past two years which can present opportunities for VARs (Value-Added Resellers) and solution providers alike.

Like many an industry trend before, MSSP (Managed Security Service Provider) appears to be trending among IT teams and security practitioners alike; embracing the cloud and hosting technologies to relieve the burden of ownership and maintenance, retain security practices and benefit from subscription models of service.

With less than 100 days to go until the enforcement of the GDPR (General Data Protection Regulation) and the relevance of this blog post on a short time span, a certain level of panic may begin to consume those who have only just started to take this subject seriously.

So, you've been told that you need to destroy your prized contacts database unless you can prove that you have consent to process the personal data of those that you store. Maybe you can send out communication asking those contacts to re-consent... but how many would? And what about the problems which Honda incurred by doing this?

I am certain that there is likely to be nobody reading this blog who has never been to a trade fair or industry event. Huge gatherings of like-minded individuals, peers or even just the curious jostle past one another, between extravagant stands paid for vendors promoting their wares.

With May 2018 within touching distance, you may think it will soon be all over. The GDPR (General Data Protection Regulation) is taking its toll and fatigue around the topic has undoubtedly begun to set in. Yet, it is only just the beginning, as one door closes another door opens, to make way for the European Union’s ePrivacy regulation.

The GDPR (General Data Protection Regulation) is a complex beast, of which there seems to be an endless supply of regurgitated information online, in print and at various events. What is lacking however is practical information on how to handle its requirements operationally.

At the recent Consumer Electronics Show (CES) the Wi-Fi alliance announced WPA3; a new security certification which promises to address the weaknesses of WPA2 and adds a range of much needed enhancements to wireless security.

The industrial revolution of the 18th century was famously invoked by a step up in technology. Industries which had traditionally relied on work by hand started to embrace a new future of machine use to dramatically enhance output levels, efficiency and financial return.

Uber, the world's most famous disruptor of the taxi industry has never been short of controversy. Whether it be accusations of poor employment practices, sexual harassment at HQ or their never ending legal duels with various city councils, the workload for Uber’s public relations department is certainly colourful to say the least.

'The devil is in the detail' is a phrase which comes to mind when speaking about the GDPR (General Data Protection Regulation). The obvious topics surrounding the application of the regulation's articles have been extensively discussed, leaving behind those tricky and often overlooked details.

Wherever there exists a conversation about the GDPR (General Data Protection Regulation), you can guarantee a handful of infamous topics are covered. The scaremonger worthy administrative penalties, the notion of consent being the lawfulness to rule all others and the Lord Lucan of rights, the right to forgotten.

As the Internet continues to be an important part of our lives, it also becomes a more dangerous avenue for cybercrime. The risk increases as the massive online community’s use of the Internet becomes more rampant. And despite the public being aware of cybersecurity issues, anonymous online criminals are able find more victims and creative ways to commit Internet fraud with the use of Internet services or software programs with web access.

Much like the fable of the Emperor's New Clothes, there is much talk of the GDPR but little with any real substance. You have no doubt been told of the potential fines and heard of the right to be forgotten but how does the GDPR actually affect the IT security channel operationally? Rather than walking into 2018 wearing nothing, like the ill-fated Emperor in the tale. We interviewed Infinigate UK Sales Manager, Mike Tye, for his opinion on the operational challenges which he expects value-added resellers to witness as a result of the GDPR.

In the pursuit of writing about the practical application of the GDPR (General Data Protection Regulation) rather than reciting the contents of the freely available regulation document, I am writing this blog to answer a commonly asked question regarding the purchasing of marketing contact lists post May 2018.

If you haven’t heard of the GDPR (General Data Protection Regulation), quite frankly I am in envy of you. Never has there been an IT security topic so heavily covered by those who wish to show they are literate and can re-write what they have read. Astronomical fines, forbidden non-consensual communication and mighty data subjects wielding new found rights have all been covered repeatedly and tirelessly.