How will e-Discovery affect your business?

Mar 23rd, 2017 Compliance, Data Protection, GDPR, Privacy James Gillies

As GDPR enforcement approaches you should start to think about the ESI (Electronically Stored Information) held on your systems that could contain personal data. Whilst reviewing how data is being stored, processed, transferred, updated and protected you must also consider how to later perform e-Discovery on all of that data. Not unlike the proverbial see-saw, the more you lock something away the more difficult it…

Should we be re-considering implementing encryption in our organisation?

Feb 23rd, 2017 Compliance, Confidentiality, GDPR, Secure Configuration James Gillies

In today’s digital world data is considered to be the crown jewels and should be protected from those that might abuse it. The value to the business that data represents should be balanced against the risk of it being exposed. Traditionally viewed as a pure security issue, as data protection laws start to change this will become much more of a compliance issue. In simple…

Is the countdown to GDPR the new Y2K?

Feb 15th, 2017 Compliance, Data Protection, GDPR James Gillies

During the countdown to the new millennium we heard horror stories predicting planes falling out of the sky for failing to deal with the looming date of 31st December 1999. Working in a bank all night I witnessed the world transit through the different time zones, following the dawn. By the time we in the UK were in the early hours of the New Year…

How much should we budget for Cyber Security?

Aug 24th, 2016 Compliance, Information Risk Management James Gillies

When budgeting for cyber security consider what you must do for legal and regulatory compliance, and what you should do for good security. As good security is a business enabler, do that first. Then analyse any compliance gaps and fill them. You should budget accordingly. How you decide to deal with risk is important: will you accept, avoid, transfer or mitigate? Let’s say you calculate…

Do we need to encrypt our data if we are not a finance company?

Jul 6th, 2016 Compliance, Secure Configuration James Gillies

Recent years have demonstrated great efforts made by organisations to encrypt any data that needs to physically leave the building where it is normally stored – the “data at rest” is made unreadable to any person or entity that is not authorised to read that data. Traditionally it is patient and finance data that have been the focus, typically stored or used on a mobile…
