Businesses with BYOD rules could face ‘inadvertent’ data breach fines

By | News | No Comments

Researchers at Northeastern University have found several ‘alarming’ privacy holes within popular Android apps – these include taking and distributing photos and screenshots without the users’ express knowledge. The research paper evaluated nearly 18,000 apps in the Google Play marketplace and they reported that some apps would take screenshots whilst others would covertly record conversations.Related image

The researchers noted:

“Our study revealed several alarming privacy risks in the Android app ecosystem, including apps that over-provision their media permissions and apps that share image and video data with other parties in unexpected ways, without the user’s knowledge or consent.”

These findings highlight a worrying reality for IT leadership within a fast-changing digital landscape. The Bring Your Own Device (BYOD) landscape has epitomised the ‘new’ workplace that millions of people experience. Yet, apps downloaded by users, interacting with your organisation’s data via email or other sources, could result in your business being breached.

One way of alleviating the worry surrounding this growing reality is to retaliate by providing staff with mobile security solutions – some organisations are providing staff with mobile subscriptions to security apps that help to improve device security – companies like BlackBerry and IBM are leaders in digital mobile security.

Islington Council breach Payment Card Industry code of conduct

By | News | No Comments

Islington, a council in London, could have breached the Payment Cards Industry (PCI) Security Standards Council’s rules on data security standards. The council sent email requests with Word application forms for payment of local parking permits. The council told the BBC, “We have begun an internal investigation into the process of applying for and paying for parking bay suspensions. In the short term, we have removed that form from our website.”Related image

The Microsoft Word document – the parking pay suspension form – required residents to fill in address details and card payment information. This archaic model was even queried by the Local Government Association who couldn’t identify any other council using such out-dated means of payment collation.

The rules outlined by the PCI state that card payment data shouldn’t be stored on third-party sources – such as email. This is because if the data is leaked then the individual would be held liable by the bank for transmitting their personal financial data via a third party. These rules are set by PCI who represent major financial organisations, like Mastercard, American Express and Visa. The GDPR also enhances individuals’ rights when handling such sensitive information.

Ticketmaster Hack – 40,000 UK Customers Data Lost

By | News | No Comments

The giant online ticketing emporium, Ticketmaster, was the victim of a massive data breach which was a result of numerous failures – including the monitoring of subcontractors. The hack, according to Wired Magazine, was identified by Monzo, the start-up app-based banking service, who noticed a correlation between fraudulent activity and Ticketmaster purchases. Yet, when the company approached Ticketmaster, the giant ticketing platform did nothing. The ICO is investigating and has released a statement:Related image

“Organisations have a legal duty to ensure that people’s personal information is held securely. We have been made aware of an issue concerning Ticketmaster and will be making enquiries. We will look at when the incident happened and when it was discovered as part of our work and this will inform whether it is dealt under the 1998 or 2018 Data Protection Act.”

Depending on when the company discovered this breach, the company that made $1.8 billion in revenues could be hit by a massive GDPR fine, yet if the breach was discovered before the GDPR came into effect, the net fine could be minimal.

ICO launch second round of grant funding for “innovative privacy solutions”

By | News | No Comments

The Information Commissioner’s Office has launched its second round of grant funding for organisations exploring data privacy in order to source and promote robust and independent data privacy information solutions. The purpose of the scheme is to award grants worth £20,000-£100,000 to help explore data privacy that have “real world solutions that are of clear benefit to the people of the UK.” The head of the ICO, Elizabeth Denham, stated:Related image

“Information rights are evolving all the time and it is fair to say that a lot has happened since we launched the inaugural grants programme a year ago. The introduction of the GDPR and the new Data Protection Act 2018, along with high-profile cases and incidents, have meant that privacy issues and concerns about how people’s personal information is used have probably never been more prominent.”

Last year’s successful cohort was even mentioned by the UN Special Rapporteur on the Right to Privacy was argued that the “relevance” of the programme and the project funded highlighted the growing concern individual have over their data and its use by businesses and government alike.

BEUC argues tech giants’ privacy policies fail to “respect GDPR”

By | News | No Comments

The European Consumer Organisation (BEUC) along with a team of researchers from the European University Institute, in Florence, published a study arguing that leading tech companies – Microsoft, Facebook and Amazon as prime examples – are flaunting the values of the GDPR by using ambiguity to create privacy statements that are “potentially problematic” due to the use of unclear language. The head of BEUC, Monique Goyens, stated:Related image

“A little over a month after the GDPR became applicable, many privacy policies may not meet the standard of the law. This is very concerning. It is key that enforcement authorities take a closer look at this.”

Examples, provided by BEUC, include Google’s “we collect information about your activity in our services, which we use to do things like recommend a YouTube video you might like.” The BEUC argue that this is “unclear” as it does not specific the full use of the data within the Google ecosystem.

Tech Tip – Create Instant Shortcuts

By | News | No Comments

If you need to access certain files or folders quickly in Windows, you can help yourself by being able to easily create instant shortcuts to them. Here’s how:Related image

– Go to the folder or file that you’ll need fast access to.

– Hold down Alt then drag it from a File Explorer window to the desktop (or anywhere else on disk). 

– Right-click on it.

– Choose Properties to make changes to the new shortcut, e.g. the program it opens up with by default.

Outsource your IT support services

This is a highly effective way of keeping your IT systems working at peak efficiency without a large overhead.

Take a look at our small business IT support packages or download our brochure



Book a free IT consultancy visit with one of our technical team and save over £150.

What does this visit include...