Writing and Blog
A collection of my writing, musings, and opinion pieces. Please check back for updates!
Ross is available for technical and other writing.
Should you be interested, please get in touch!
A little while ago, a friend of mine asked my opinion on VPN services for his home office. My first response was to ask "why?" he needed a VPN. In general, a VPN is only really a serious requirement on public wifi while not being as necessary on a home network. His...read more
In both South Africa's Protection of Personal Information Act (POPIA) and the European Union's General Data Protection Regulation (GDPR), there are three players that are part of any personal information transaction. They may be known by different names in each piece...read more
Data Leak Prevention (DLP) is something that all organisations should be taking seriously. It covers the prevention of data leaving your company by means of various methods. It is, however, an imperfect and difficult approach to take, given the number of ways that data can leave the company – on both a digital and physical level.read more
In a shock announcement this morning from the ICDRB (International Coalition of Data Regulators and Bodies), Data Protection laws across the EU and parts of Africa are set to be reviewed and most like repealed by the end of the year.read more
In laws such as POPIA and GDPR, there is a principle of implementing security safeguards. These safeguards do not necessarily fall into the categories of IT Information Security or having available tools like shredders, they also include ongoing education.read more
Given the importance of network security and the fact that threats to your network are no longer coming only from outside (i.e. through your firewall), it is important to be monitoring your network for unusual traffic internally by means of intrusion detection and prevention systems. The two can be seen to work hand in hand with one another, with prevention being a more mature approach than simply detection. While both analyse network traffic against a database of known threats, one is a monitoring tool while the other is a control tool.read more
A triangle of protection exists for your email, that of SPF, DKIM, and DMARC, but chances are you are not using them. By implementing this trio, you will prevent spammers sending emails on your behalf (a risk any company faces without knowing it) and at the same time as an added bonus, you will very likely lower your spam score for anyone receiving your emails – great news for marketers and folks running newsletters!read more
A subject that is coming up more and more often at my clients is the difference between vulnerability assessments and penetration testing. These two terms appear to be used interchangeably among executives, however they are very different. Fundamentally, one is a defensive process, and the other is offensive. Let’s dive into it a bit further.read more
In any process or compliance exercise, it is easy to make mistakes along the way. In this post, I’m going to detail a few of the mistakes I’ve seen and what can be done to avoid them.read more
Just as we should be concerned about privacy and security on public networks, we should be securing our home networks too. With dangers of having guests on your WiFi, to annoying online trackers and advertisers, many tools and habits are available to secure your home...read more