Writing and Blog
A collection of my writing, musings, and opinion pieces. Please check back for updates!
Ross is available for technical and other writing.
Should you be interested, please get in touch!
This may sound like an easy question on the surface, telling me exactly where your clients' data is, but it goes quite a bit deeper than that. See, I don't want you looking on your network now, I want you to tell me, off the top of your head, where ALL (every. little....read more
First off, let's get it clear that Data Privacy is not the same as Information Security. Sure, firewalls, penetration tests, encryption and complex passwords are important, but they only form a small portion of what is required for Data Privacy compliance. Laws like...read more
By now, dear business leader, you should be well on your way to compliance with data privacy regulations. With GDPR having gone live on the 25th of May this year, and with POPIA around the corner in SA, you shouldn't be sitting back and relaxing when it comes to...read more
One of the most powerful means of protecting your information (at least when it is disposed) is to shred paperwork, yet why am I the only person I know that owns a shredder in the home? This often overlooked tool is seen as something that's only required in the...read more
Two terms often used interchangeably are those of Data Privacy and Information Security (also known as InfoSec). While the two are related to each other, it is a common misconception that they are the same thing. This misconception leads to confusion around...read more
We often hear of AUPs (Acceptable Usage Policies) in the domain of internet service providers, but seldom stop to think about them in our own work environments. The truth is, AUPs are vitally important to your Data Privacy Strategy, as they can and should define where...read more
In many organisations, particularly smaller ones, WiFi is set up in such a manner that all users (guests and employees) have access to the same access point. While this makes for a really simple to deploy and manage use-case, it creates a rather significant security...read more
Well, not in the sense that it used to - firewalls are no longer the be all and end all of your defense, and if you are still relying on them as such, you have a problem. According to IBM Security and the Ponemon Institute, the average total cost of data breaches in...read more
In last week's article, I dealt with HTTPS and Let's Encrypt. This week, I'm going to dive into a bit more technical detail with Let's Encrypt, specifically issuing a manual certificate. With Let's Encrypt, if you are doing your own hosting and are using Apache for...read more
Let's Encrypt is a relatively new Certificate Authority (CA) offering free, automated certificates for websites. In light of recent changes by Google to Chrome, if it wasn't important to you to change to HTTPS on your websites and devices, it should be now. As of...read more