Octree Observer

  • Personal data ‘lost by 132 councils’

    by : Octree
    I read with absolute fascination this article highlighted by an astute colleague of mine. Please read on.

    “Private data has been lost by or stolen from UK local councils more than 1,000 times since 2008, a report says. The data included details relating to children and vulnerable people in care, campaign group Big Brother Watch said.

    Some 132 authorities said they had had a total of 1,035 cases of data loss or theft between 2008 and 2011. The Information Commissioner said it was vital councils kept data secure. The Local Government Association for England and Wales declined to comment.
    24 November 2011 0 Comments
  • Keeping your laptops secure

    by : Octree
    Notebook PCs are ideal for small businesses. They make it easier to work flexibly. You can move from the office to a client location and back home again accompanied by all your programs and data. However, their very portability makes them easy to steal or lose.

    Take data protection seriously and start protecting your laptops!!!
    11 October 2011 0 Comments
  • European businesses face mandatory-disclosure law

    by : Octree
    Euro mapPublic and private sector businesses will soon be hit by mandatory-disclosure legislation. This means that any breach of personally identifiable information will have to be reported, and any person likely to be affected will have to be contacted. And, the necessary processes and procedures have to be transparent for audit.

    10 October 2011 0 Comments
  • Do you really need “cloud computing”?

    by : Octree
    I wanted to share this article regarding our incessant drive towards “cloud computing” identifying a number of considerations before taking the massive leap of faith. And I felt compelled to add a further caveat following the nationwide broadband outage reported on the BBC website as a result of a power failure at a Birmingham Exchange.

    “The world is abuzz over cloud computing–using virtual servers available on demand over the Internet. But the truth is not every small business needs to operate “in the cloud.” Before you make the move, or someone convinces you to make the move, consider these five criteria, care of Philip McKinney, vice president and chief technology officer of Hewlett-Packard’s Personal Systems Group.

    4 October 2011 0 Comments
  • ICO calls for prison sentences as more businesses report data loss

    by : Octree
    I saw this and thought of you all………………………

    Almost 90 per cent of businesses have suffered some form of data loss in the past year.

    A survey of 1,987 European businesses by CA Technologies found that respondents had struggled to deal with IT systems failure, attacks and human error. A total of 88 per cent of respondents suffered application and data loss incidents in the past year, while 63 per cent had experienced an IT systems failure, such as a network, storage or software failure.
    16 September 2011 0 Comments
  • Will the ICO get to use its new teeth?

    by : Octree
    Saw this article and thought it may interest many of you…….courtesy of Cameron Craig, partner and head of the EU Information Law Team at law firm DLA Piper.

    “The annual report of the UK Information Commissioner’s Office (ICO), published earlier this month, outlines the ICO’s desire to see an increase in the number of data protection audits being carried out by the ICO in the UK.

    The ICO’s mandatory audit powers currently only apply to public sector bodies. It needs the agreement of private sector business before carrying out an audit – in these cases known as a consensual audit. The statistics in the report indicate that private sector businesses have yet to be persuaded. Only 19 per cent of private sector businesses accepted the ICO’s offer of a consensual audit. The audit is free and the ICO has a skilled audit team – so why is there such a reluctance to take advantage of this offer? Even if businesses shun a consensual audit by the watchdog, they should think about conducting their own internal assessment to test compliance. Perhaps part of the answer lies in the report itself. Before recent changes in the law, the ICO was seen by some as a soft touch compared with other European data protection regulators.
    5 August 2011 0 Comments
  • Concerns raised over lost NHS laptop that contains more than eight million records

    by : Octree
    An NHS laptop containing the records of more than eight million people has been reported as ‘missing’. According to a report in The Sun, the laptop was lost three weeks ago but police were only informed this week. It was held at an NHS North Central London storeroom and is one of 20 that went missing from the storeroom. Eight have been recovered, with searches for the other 12 part of an on-going investigation.

    The laptop is reported as being unencrypted and contains sensitive details relating to 8.63 million people, plus records of 18 million hospital visits, operations and procedures. The data does not include names, but patients could be identified from postcodes and details such as gender, age and ethnic origin.
    1 July 2011 0 Comments
  • ICO finds two charities to be in breach of the Data Protection Act following stolen laptops

    by : Octree
    Despite several recent warning shots across the bow of organisations flagrantly breaching the Data Protection Act little seems to be happening to stem the tide of lost or stolen portable devices.

    The latest high profile case brought by the Information Commissioners Office against Sheffield-based Asperger’s Children and Carers Together (ACCT) and Nottingham-based Wheelbase Motor Project should be a timely reminder once again that information security has to be a priority within any organisation that has a moral and legal obligation to protect personal information.

    3 June 2011 0 Comments
  • Former ACS:Law data controller fined £1,000 over breach that affected almost 6,000 people

    by : Octree
    On 10th May the ICO issued its fifth monetary penalty for a serious breach of the Data Protection Act against ACS Law, a legal practice run by Andrew Crossley, “specialising” in apparently naming and shaming individuals who were breaching copyright laws, using file transfer sites to share adult material. Almost 6000 names, gleaned from ISPs and BskyB, were included in a file that was made available when the infamous Group Anonymous attacked ACS Law’s website.

    The ICO’s investigation found serious flaws in ACS Law’s IT security system. Mr Crossley did not seek professional advice when setting up and developing the IT system which did not include basic elements such as a firewall and access control. In addition ACS Law’s web-hosting package was only intended for domestic use. Mr Crossley had received no assurances from the web-host that information would be kept secure. While the firm should have been aware of their obligations under the Data Protection Act, they continued to act negligently and failed to ensure that appropriate technical and organisational measures were in place to keep personal information secure.

    26 May 2011 0 Comments
  • He who seeks revenge should remember to dig two graves (Anon.)

    by : Octree
    A sad tale of love, betrayal, Internet dating, sadistic revenge and viral infections!!! I love this one!

    Last week a New Jersey judge sentenced 48-year-old Bruce Raisley to two years in prison for launching a distributed denial-of-service (DDoS) attack against websites that had published humiliating stories about his adulterous “affair” with a fictitious online lover.

    6 May 2011 0 Comments
  • Another Security Vendor falls foul of the hacker

    by : Octree
    This week it was the turn of email and web security appliance vendor Barracuda Networks to suffer the ignominy of a significant and very public network security breach. Following in the close footsteps of the over-zealous HB Gary, infiltrated by the infamous hacktivists Anonymous, and RSA, the lurid details of which remain somewhat vague, this just goes to demonstrate that nobody, however techno savvy you may be, is immune from attack or compromise. I have the utmost sympathy, HB Gary apart, for such victims, and far from being critical it merely re-enforces the need to be vigilant and over-cautious at all times. The old cliché “There is no silver bullet” could not be more pertinent when determining security countermeasures, and I can only suggest following a best practices risk management based approach.

    18 April 2011 0 Comments
  • Do you know the real cost of not adequately protecting your data?

    by : Octree
    Most SME businesses find it difficult to justify the cost of network and data protection against the potential cost of a data or network breach. Sadly, in some extreme cases, some business owners question why they even need to consider such measures, despite legal and regulatory compliance mandates. Many business owners fail to grasp the costs and consequences of an infection or loss of confidential information, whether it is customer, employee and other personal records, as well as corporate intellectual property.

    5 April 2011 0 Comments
  • Whitepapers, Conferences and Roundtables

    by : Octree
    It’s been an exciting couple of weeks for me, and I wanted to update you on some great events I have attended, and people I have met.

    I am currently studying for my MSc in Cyber Security, and on Friday 4th March I was invited to deliver and present my whitepaper “Cloud Computing Improves Security for the SME” to senior Microsoft security personnel at Lancaster University. As a direct result Microsoft has proposed a collaboration between its own security executives, the elite MSc students and the information security lecturers, Philippe Jan and Dr. Dan Prince, to develop a cloud computing security whitepaper. Watch this space! My paper can be downloaded here.

    15 March 2011 0 Comments
  • Music-streaming websites operated by the BBC have been hacked with ‘malicious’ frames which deliver malware using drive-by downloads.

    by : Octree
    According to Websense, a leading Internet security company hackers had set up the drive-by malware on the broadcaster’s 6 Music and BBC 1Xtra radio web sites.

    “The BBC – 6 Music Web site has been injected with a malicious iFrame, as have areas of the BBC 1Xtra radio station Web site,” a Websense researcher wrote.”The injected iFrame occurs at the foot of the BBC 6 Music Web page, and loads code from a Web site in the .co.cc TLD (Top Level Domain). The iFrame injected into the Radio 1Xtra Web page leads to the same malicious site.”If an unprotected user browsed to the site they would be faced with drive-by downloads, meaning that simply browsing to the page is enough to get infected with a malicious executable.”

    7 March 2011 0 Comments
  • Data Privacy Day marks fresh interest in personal information security

    by : Octree
    Friday marked Data Privacy Day around the world, with an emphasis placed upon protecting personal information.

    It was described as ‘an international celebration of the dignity of the individual expressed through personal information’. Wiith identities, locations, actions, purchases, associations, movements and histories stored as data, questions have to be asked who is collecting all of this, what are they doing with it and with whom are they sharing it? Most of all, individuals are asking ‘How can I protect my information from being misused?’ These are reasonable questions to ask – we should all want to know the answers.

    31 January 2011 0 Comments
  • Cancer researcher has laptop stolen with no data backed up

    by : Octree
    A cancer researcher at Oklahoma University has had her laptop stolen, with several years’ worth of research lost.

    According to Softpedia, Sook Shin left the laptop in her car and returned to find a smashed window and the 13-inch white Macbook and bag missing. Shin said that the research was for a prostate cancer cure and as it was never backed up, it cannot be replicated

    28 January 2011 0 Comments
Octree Cyber Essentials
Cyber security – don’t know where to start?
Talk to Octree, specialists in helping SMEs achieve Cyber Essentials status.
GDPR Survey

Recent Posts

Blog Categories

Blog Archive