Over the past few days the new EU data protection laws have been passed which will for the first time in 20 years rewrite the requirements and responsibilities of those who store data. It will also give more rights to the users who have data stored.
The new General Data Protection Regulation (GDPR) will require many businesses to re-think and rework their current strategies. One area which interested me was in the effect of the GDPR on cloud service providers.
I have studied many articles and discusssions and thought I could take the main points and simplify them here.
First some terminology
Data Controller - The business who actually owns the data
Data Processor - The cloud provider
The current situation:
All of the responsibility of data protection currently lies with the Data Controller. The Data Processor basically facilitates a platform on which the systems run.
With the introduction of the GDPR
Both the Data Controller and the Data Processor will be responsible for the data.
A breach will need to be reported in 72 hours and fines will fall into one of two categories depending on specific criteria.
2% of global annual turnover or €10 million
4% of global annual turnover or €20 million
Obviously the new regulations will cover many more aspects in much more detail and clarity, but it doesn't take much to assume that there will be a rise in service costs due to the extra responsibility being placed on both the businesses and cloud providers.
Monday, 18 April 2016
Friday, 15 April 2016
After Trend Security Researchers discovered two new flaws in Quicktime they contacted Apple to report the issue. Apple allegedly responded that they would not fix the issues as they were removing support for Quicktime on Windows.
It is reported that even the Department of Homeland Security’s United States Computer Emergency Readiness Team (US-CERT) has recommended Windows users uninstall this software as well.
Many companies have little to no email retention policies in place. The idea here is to ensure that if a business related email is required...
Off topic.......configuring the zmodo ZP-IBi-13W camera to work with Blue Iris Software. Many people have had issues getting these cameras...
So it looks like the Government will finally get the law passed requiring websites to retain all user browsing activity logs for a minimum o...
On April 12th, 2016, a crucial security bug in Windows and Samba will be disclosed. It has been named Badlock and like Heartbleed it has...