Tag: Security

  • Every Move You Make

    Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 14 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

    So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. But even harder for Internet users is to be invisible using Internet communication when it mattes. (more…)

  • GDPR: Use a Privacy Reference Model

    Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 15 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

    So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. But using a Privacy Reference Model will help. (more…)

  • Privacy Benchmark your site

    Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 16 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

    So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. But before you are done it is advised that you perform a view simple privacy tests. Especially on your website(s). (more…)

  • GDPR: Pseudonymization or Anonymization

    Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 18 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

    So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to handle the GDPR is not straightforward when dealing with data masking.  (more…)

  • The Web never forgets: The right to be forgotten

    Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 19 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

    So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to handle the GDPR is not straightforward. The GDPR introduces a right for individuals to have personal data erased. This right to erasure is also known as ‘the right to be forgotten’. (more…)

  • Do you still use fingerprinting?

    Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 21 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

    So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design your systems to meet the GDPR is not straightforward. Especially when you make use of third-party services.

    But tools and methods that can detect if you track users can help you when creating new Internet facing systems. (more…)

  • No more confusion: An IP address is personal information

    Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 23 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

    So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining exactly what private data is not straightforward. What does not help is that a lot of information on many sites regarding on what is allowed under the GDPR is plain wrong. E.g. there is a lot of confusion about the object ‘IP address’. Is an IP address personal information or not? (more…)

  • Serverless Architecture

    Staying up to date in the complex field of business IT trends is hard. Since I felt my knowledge of the  AWS (Amazone Web Services) Cloud portfolio was no longer up to date I was happy to have the opportunity to visit the 2016 AWS Global Summit organised on the May 24 in the Netherlands. The number of visitors that this AWS Summit attracted was far beyond my expectations. But since this was my first AWS Summit experience I did not really know what to expect of course. (more…)

  • How Security Personas will help you

    One of the tools of IT architects and UX designers is to work with so called ‘Personas’. Personas are fictional characters created to represent the different user types that might use a system, website, product or service. Using personas is common practice when dealing with UX design. But when developing a security architecture for a new system, service or website security personas are also valuable to use. Security Personas force you to think different about the goals and behaviour of attackers that are going to hit your system. (more…)

  • Complex attack vectors

    Good security is goal oriented. A good security architecture is tailored to your situation.
    When defining a product or new (IT) service one of the key activities is to define your specific security requirements. Defining requirements is known to be hard, time consuming and complex. Especially when you have an iterative development cycles and you do not have yet a clear defined view of your final product or service to be created. (more…)