20 June 2014 at 11:44am
It’s often said that technical people are bad at designing user interfaces. Ken Klingenstein’s presentation at the TERENA Networking Conference reported (and demonstrated) the results when user interface experts looked at the problem of explaining federated login to users.
17 June 2014 at 4:21pm
One of the challenges in finding an appropriate legal framework for incident response is that for many types of incident you don’t know in advance what information you are likely to receive. Rogier Spoor of SURFnet discussed one of the most common situations – cleaning up after a botnet infection - at the TERENA Networking Conference last month. Although SURFnet’s approach is designed to comply with Dutch, rather than UK, law, it seems a reasonable fit for our legislation too.
23 May 2014 at 11:47am
A thought-provoking talk at the TERENA Networking Conference by Barry Smyth of the Insight Centre for Data Analytics suggested both the possibilities and the problems of big data, and some of the decisions that society needs to make soon about how we do, and do not, use it to maximise benefits and minimise harms.
22 May 2014 at 7:10am
A number of people have asked me what the recent European Court judgment in the Google “right to be forgotten” case means; here’s why I have been answering that I don’t know!
17 May 2014 at 12:16am
Thanks to the generosity of my host, AusCERT, I’ve been able to spend this week in Queensland at AusCERT’s annual conference. Whilst not part of the Australian NREN AARNet, AusCERT fulfils a similar role to Janet CSIRT and provides incident response services to the Higher Education sector in Australia.
25 April 2014 at 12:03pm
I was recently invited by the Groningen Declaration Network to join a panel discussing privacy issues around the exchange of digital student records. Like the discussion, this summary is a collaborative effort by the panel team.
14 April 2014 at 11:13am
At present only public telecommunications providers are required by European law to notify their customers of security breaches affecting their privacy, including breaches that the confidentiality, integrity or availability of personal data. In the UK the Information Commissioner has published recommendations on handling privacy breaches, including when to notify those affected.
8 April 2014 at 9:38am
The security of computer, data and networks is now a matter of importance to everyone who uses them. Computers connected to a network, whether local or wide area, are exposed to many threats against their effective operation and the safety and privacy of the data they hold. Topics Covered
4 April 2014 at 9:57am
[Updated with further information and suggestions provided by CSIRTs: thanks!]
30 October 2013 at 1:52pm
I’ve had a few discussions recently where people talked about the ‘new risk’ of Bring Your Own Device (BYOD), but then mentioned risks – loss/theft of device, use in public place, etc. – that already exist on organisation-managed mobile devices. Turning that around, it struck me that one way to develop a BYOD policy might be to start from the mobile device policy you already have. I’d be interested in comments on how this approach might work.
Subscribe to Privacy