Writing and Blog
A collection of my writing, musings, and opinion pieces. Please check back for updates!
Ross is available for technical and other writing.
Should you be interested, please get in touch!
The “New Normal” (I’m sure I’ll get sick of that phrase soon) is already kicking in due to novel coronavirus, and we are seeing a number of changes in the world. One such change, is a new acute awareness of cyber security. Yes, we’ve all been aware of hacks and issues, but it’s never really affected a large swathe of people; it’s just been stories in the media (and often, the tech media as opposed to the mainstream).
It’s been an absolutely crazy time with lockdown and COVID-19 turning the world upside down. That said, we soldier on and continue in the new normal! In the midst of all this happening, a number of developments have come from my side, and I wanted to share those as well as some up-and-coming initiatives.
It’s been two weeks of Zoom being laid bare regarding privacy and security issues, with a whole laundry list of issues being aired out in the open. While there are causes for concern (and where there’s smoke, there’s fire), some of the articles that are out in the media have been blown out of proportion. In this article, I’ll be discussing some of the issues that have come up, and where Zoom stands with them as of the 6th of April.
As part of my Privacy-in-a-Box offering I have a number of template policies, procedures, agreements and notices that are provided to corporates looking to jump-start their Data Protection programme.
With everyone working from home, I thought it pertinent to highlight a few of the awesome privacy and security features available in Windows. These features are (mostly) built in to the operating system, and you can enable them pretty easily.
It is indeed a crazy, crazy time at the moment with the COVID-19 and countries implementing lockdowns, travel bans, and restrictions on movement. In order to “flatten the curve”, many companies are opting to allow their teams to work remotely. This is an admirable practice (and one long overdue in my opinion), however, as a business you still need to ensure that your company data is taken care of.
When developing any sort of Privacy Programme, there are a number of key components that need to be included. Information Officers have a duty to ensure that these components are in place and are running effectively and efficiently.
As we recently saw in SA with Nedbank’s 3rd party breach, companies are not immune to 3rd party breaches. This breach highlights the fact that while the bank itself may be the target of an attack, the actual company attacked is different. This is partly due to the fact that banks often have very good protection programmes in place, whereas smaller providers may not have the same resources to dedicate to data protection.
You may have noticed an absence of my usual Monday post, and that's because I was in Namibia at the Plan B Summit speaking about Data Protection for Professional Speakers! My breakout session had a lot of interest after the fact, and as such I've decided to extend it...
Work has officially begun on my next book, where I will be tackling the challenges and intricacies of implementing a data protection programme in a software company. As part of the book, I’m looking for input from various companies as to their experience when it comes to their own programmes and compliance exercises.