Thomas Yohannan
Summary: It is essential that all members of the ITSM team are provided with specific awareness, education and training in GDPR and its implication to the way that they handle sensitive personal data and use it as part of their roles. IT Service Management (ITSM) is at the forefront of developing solutions that can keep…
Read more More Four Letter Words: GDPR & ITSM: [the GDPR Series (8)]
Summary: SIEM solutions are not only a growing segment of the technology market but, through GDPR implementation, companies will use SIEM as a tool for security and compliance. Security Information and Event Management (SIEM) solution is an emerging tool to comply with various articles of GDPR. SIEM tool takes system logs, network information and behaviour…
Read more Four Letter Words: SIEM & GDPR: [the GDPR Series (7)]
Summary: If WHOIS database, ICANN’s domain name registration system, is to come into compliance with the GDPR, it may cause a host of concerns regarding the security of the internet. Concerns surround around the compliance obligation of ICANN’s WHOIS database. Conflict arises as some of the data collected by WHOIS database comes under the purview…
Summary: If you’re a US company that’s not based in the European Union (EU) then it may be time to think about expanding your company. Read below first… Any organisation providing goods and services in EU must have a representative in EU in one of the member states where data subjects are located. GDPR covers…
Read more EU Representative Designation: [the GDPR Series (5)]
Summary: Data processing activity will require “informed consent” from data subjects which will require organizations to rethink their business models and user experience options. “Informed consent” is one of the prerequisite for data collection by organisations. GDPR stresses that data collected should be “freely given” and specific. Departure from conventional sign-up processes. Article excerpts from…
Article 30 of GDPR partially relieves Small and Medium Enterprises (SME), employing less than 250 people, from certain obligations. SMEs exempted from the obligations of Data Controller and Data Processor. GDPR maintains data processing for criminal convicts and special categories data in place for SMEs. Article excerpts from my forthcoming book – 99 Articles on…
GDPR is enacted to safeguard the privacy of European Union citizens. The law is still unclear on whether all European residents irrespective of their nationalities come under the purview of law. Best approach for the organisations will be to include all European residents within the definition of ‘data subjects’. Article excerpts from my forthcoming book…
GDPR, effective from May 2018, will affect U.S. Companies. GDPR aims to protect against the collection and use of Personal Data as well as Personal Sensitive Data. Personal Data now includes cookies, IP Addresses and other online identifiers. GDPR treats Personal Sensitive Data differently than the erstwhile law – putting onus on the organisations to…
Read more Execution Data vs. Persecution Data: [the GDPR Series (1)]
Published @ The Last Watchdog Dissociative identity disorder, AKA multiple personality disorder, is a human condition by which the victim’s personality becomes fragmented into two or more distinctive states. DID has long been a rich topic for Hollywood screen writers. The movie Fight Club, in which Edward Norton and Brad Pitt portray polar opposite personalities…
Read more What ‘Fight Club’ Taught Me About Protecting My Online Personas
Last week, Apple lost control of its iPhone Secure Enclave Processor encryption key when a hacker, “xerub”, released the key. According to analysts, the release of the encryption key isn’t going to effect user data but it does bring into question one of Apple’s main selling points – security. This may help to boost the…
