SlideShare una empresa de Scribd logo

Follow the data

M
mainplus

Today’s WordPress environment generally results in numerous organisations managing either our data or the hardware and software that it relies upon. Although we subcontract out parts of our WordPress infrastructure we are still accountable for the data processed by our Websites. This talk takes a look at a typical WordPress set up and follows the journey that a user’s data might take and some potential threats at each point on its journey. It looks at what we can do to minimise our exposure to risk of outsourcing management of our infrastructure, the considerations we should make and what questions we should be asking of our hosts.

Tecnología
1 de 20
Descargar para leer sin conexión
Follow the DataFollow the Data Dave PotterDave Potter Mainplus Technology
27th May 2018 3 Why me? ● Started in IT in 1977Started in IT in 1977 ● Managed computer operations and technical support for a largeManaged computer operations and technical support for a large proportion of that timeproportion of that time
27th May 2018 4 ` ● It’s the right thing to do!It’s the right thing to do! ● WeWe sub-contract responsibility but not accountability.sub-contract responsibility but not accountability. ● Ensure suppliers will protect our dataEnsure suppliers will protect our data ● GDPR and the UK equivalentGDPR and the UK equivalent ● https://wordpress.tv/2017/11/12/heather-burns-designing-for-data-protection/https://wordpress.tv/2017/11/12/heather-burns-designing-for-data-protection/ ● https://wordpress.tv/2016/11/01/heather-burns-get-to-grips-with-gdpr/https://wordpress.tv/2016/11/01/heather-burns-get-to-grips-with-gdpr/ ● https://wordpress.tv/2017/11/11/claude-saulnier-4-steps-to-tackle-the-forthcoming-changes-in-https://wordpress.tv/2017/11/11/claude-saulnier-4-steps-to-tackle-the-forthcoming-changes-in- data-privacy-law/data-privacy-law/ ● Protection from virus’, WordPress© security, Security pluginsProtection from virus’, WordPress© security, Security plugins ● http://wordpress.tv/2016/08/09/tim-nash-security-is-everyones-responsibilityhttp://wordpress.tv/2016/08/09/tim-nash-security-is-everyones-responsibility// Caring for our users’ data
27th May 2018 5 The user “Hello Computer”
27th May 2018 6 The Datacentre
27th May 2018 7 ● What legislative jurisdiction(s) applyWhat legislative jurisdiction(s) apply ● Where is/are the data center(s) located?Where is/are the data center(s) located? ● Who owns the infrastructure in the data centre?Who owns the infrastructure in the data centre? ● Who has control of who can access data?Who has control of who can access data? ● What is the policy and process if a government agency asks forWhat is the policy and process if a government agency asks for access to data?access to data? Jurisdiction
27th May 2018 8 ● AndorraAndorra ● ArgentinaArgentina ● Canada (commercial organisations)Canada (commercial organisations) ● Faroe IslandsFaroe Islands ● GuernseyGuernsey ● IsraelIsrael ● Isle of ManIsle of Man ● JerseyJersey ● New ZealandNew Zealand ● SwitzerlandSwitzerland ● UruguayUruguay ● US (limited to the Privacy Shield framework)US (limited to the Privacy Shield framework) Recognised by EU as providing adequate protection.Recognised by EU as providing adequate protection. Adequacy
27th May 2018 9 ● Replaced Safe harbour July 2016Replaced Safe harbour July 2016 ● Allows companies to self certifyAllows companies to self certify ● As of today - over 2,739 companies certified by the U.S.As of today - over 2,739 companies certified by the U.S. Department of Commerce.Department of Commerce. https://www.privacyshield.gov/listhttps://www.privacyshield.gov/list ● On the commercial side, the WP29 called for details on theOn the commercial side, the WP29 called for details on the handling of HR data, automated decision-making and clarity onhandling of HR data, automated decision-making and clarity on available recourse for data subjects.available recourse for data subjects. ● On the national security side the WP29 “regrets” PresidentialOn the national security side the WP29 “regrets” Presidential Policy Directive 28 - surveillance activities need to safeguardPolicy Directive 28 - surveillance activities need to safeguard personal information regardless of where the person resides -personal information regardless of where the person resides - still subject to Presidential privilege.still subject to Presidential privilege. ● European officials unhappy about US stalling on promising notEuropean officials unhappy about US stalling on promising not to force companies to hand over their data secretly to theto force companies to hand over their data secretly to the intelligence services.intelligence services. Privacy Shield
27th May 2018 10 https://www.theguardian.com/technology/2015/sep/09/microsoft-court-case-hotmail-ireland-search-warrant http://www.independent.co.uk/life-style/gadgets-and-tech/news/investigatory-powers-bill-act-snoopers-charter-browsing-history-what-does-it-mean-a7436251.html https://www.independent.co.uk/news/world/americas/us-politics/us-department-of-justice-anti-donald-trump-activists-facebook-account-details-warrants-demands-a7973181.html https://www.computerworlduk.com/security/draft-investigatory-powers-bill-what-you-need-know-3629116/
27th May 2018 11 The Host
27th May 2018 12 ● Are free SSL certificates provided (“Let’s Encrypt”)?Are free SSL certificates provided (“Let’s Encrypt”)? ● SFTP and SSH access?SFTP and SSH access? ● What backup facilities are provided?What backup facilities are provided? ● Where are they stored?Where are they stored? ● ...... shall not be responsible nor be liable for any loss, damage,shall not be responsible nor be liable for any loss, damage, costs or expenses or other claims howsoever arising forcosts or expenses or other claims howsoever arising for compensation for any data, file or other material being damaged,compensation for any data, file or other material being damaged, corrupted, lost or otherwise affected.corrupted, lost or otherwise affected. ● WP-CLI?WP-CLI? ● Wordcamps are a great place to find out information!Wordcamps are a great place to find out information! Hosting
27th May 2018 13 Who Pulled the Plug? https://mediatemple.net/community/products/dv/204404134/faq:-i-received-a-notice-that-my-dv-server-has-been-temporarily-disabled. FAQ: I RECEIVED A NOTICE THAT MY DV SERVER HAS BEEN TEMPORARILY DISABLED Greetings. If you are reading this, most likely you have received a notice regarding a spike in network activity on your (mt) Media Temple service. When network overuse is detected, our system will shutdown your VPS (virtual private server) to curtail the overuse of resources. Please note: We want your service to be back online and functioning in a healthy manner ASAP. In this brief article, we will cover important information to help you understand and resolve any outstanding issues. https://mediatemple.net/community/products/dv/204404134/faq:-i-received-a-notice-that-my-dv-server-has-been-temporarily-disabled.
27th May 2018 14 Ourselves
27th May 2018 15 ● Where does encryption take place?Where does encryption take place? ● At the server or at the origin?At the server or at the origin? ● Who has access to encrypted data?Who has access to encrypted data? ● What backup facilities are provided?What backup facilities are provided? ● Version recovery?Version recovery? ● Do they provide a DPA?Do they provide a DPA? Cloud Storage
27th May 2018 16 Backups It’s a backup Jim, butIt’s a backup Jim, but not as we know it!not as we know it!
27th May 2018 17 Make a plan
27th May 2018 18 ● Share you plan with your customers and visitors.Share you plan with your customers and visitors. ● Agree service levelsAgree service levels ● Use you plan and ability to set SLAs as a selling tool.Use you plan and ability to set SLAs as a selling tool. Market your plan
27th May 2018 19 Jurisdiction Access to your data? Free SSL certificates SFTP and SSH access WP-CLI Juristriction Encryption Version recovery Plans Backups Let’s recap
27th May 2018 20 If you know where your backups are when all about youIf you know where your backups are when all about you Are losing theirs and blaming it on the hostAre losing theirs and blaming it on the host If you can trust your recovery plan, when all doubt what to doIf you can trust your recovery plan, when all doubt what to do But make allowance for unexpected issues tooBut make allowance for unexpected issues too If you can be calm and communicate while recoveringIf you can be calm and communicate while recovering Or being shouted at, have all the answersOr being shouted at, have all the answers Or being hassled, don’t give way to panickingOr being hassled, don’t give way to panicking And yet don’t look to good, nor blame it on others:And yet don’t look to good, nor blame it on others: If you can talk with support and keep your pride,If you can talk with support and keep your pride, ' Or walk with techies - nor lose the common touch,' Or walk with techies - nor lose the common touch, if neither data loss nor recovery format can hurt you,if neither data loss nor recovery format can hurt you, If all customers count with you, but none too much;If all customers count with you, but none too much; If you can fill the unforgiving minuteIf you can fill the unforgiving minute With sixty seconds' worth of data recovered,With sixty seconds' worth of data recovered, Yours is the Website and everything that's in it,Yours is the Website and everything that's in it, And - which is more - you'll still be in business, my son!And - which is more - you'll still be in business, my son! With apologies to Rudyard Kipling.
27th May 2018 21 Image attributions: - Leo Lintang - ramcreative Dave PotterDave Potter http://mainplus.co.uk dave@mainplus.co.uk @MainplusUK

Recomendados

The Business Owner's Guide to Data Protection & Security
The Business Owner's Guide to Data Protection & SecurityThe Business Owner's Guide to Data Protection & Security
The Business Owner's Guide to Data Protection & Security
tvgconsulting
 
12 facts about backups
12 facts about backups12 facts about backups
12 facts about backups
Aaron Zimmerman
 
Backup and Disaster Recovery for Business Owners and Directors
Backup and Disaster Recovery for Business Owners and DirectorsBackup and Disaster Recovery for Business Owners and Directors
Backup and Disaster Recovery for Business Owners and Directors
Lucy Denver
 
2014 ota databreach3
2014 ota databreach32014 ota databreach3
2014 ota databreach3
Meg Weber
 
Why isn't infosec working? Did you turn it off and back on again?
Why isn't infosec working? Did you turn it off and back on again?Why isn't infosec working? Did you turn it off and back on again?
Why isn't infosec working? Did you turn it off and back on again?
Rob Fuller
 
Simple rules for it migration excellence
Simple rules for it migration excellenceSimple rules for it migration excellence
Simple rules for it migration excellence
Michelle Spaul
 
The 10 biggest threats to your information (caused by yourself the CEO)
The 10 biggest threats to your information (caused by yourself the CEO)The 10 biggest threats to your information (caused by yourself the CEO)
The 10 biggest threats to your information (caused by yourself the CEO)
Humoback
 
GDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your DownfallGDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your Downfall
Splunk
 

Recomendados

The Business Owner's Guide to Data Protection & Security
The Business Owner's Guide to Data Protection & SecurityThe Business Owner's Guide to Data Protection & Security
The Business Owner's Guide to Data Protection & Security
tvgconsulting
 
12 facts about backups
12 facts about backups12 facts about backups
12 facts about backups
Aaron Zimmerman
 
Backup and Disaster Recovery for Business Owners and Directors
Backup and Disaster Recovery for Business Owners and DirectorsBackup and Disaster Recovery for Business Owners and Directors
Backup and Disaster Recovery for Business Owners and Directors
Lucy Denver
 
2014 ota databreach3
2014 ota databreach32014 ota databreach3
2014 ota databreach3
Meg Weber
 
Why isn't infosec working? Did you turn it off and back on again?
Why isn't infosec working? Did you turn it off and back on again?Why isn't infosec working? Did you turn it off and back on again?
Why isn't infosec working? Did you turn it off and back on again?
Rob Fuller
 
Simple rules for it migration excellence
Simple rules for it migration excellenceSimple rules for it migration excellence
Simple rules for it migration excellence
Michelle Spaul
 
The 10 biggest threats to your information (caused by yourself the CEO)
The 10 biggest threats to your information (caused by yourself the CEO)The 10 biggest threats to your information (caused by yourself the CEO)
The 10 biggest threats to your information (caused by yourself the CEO)
Humoback
 
GDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your DownfallGDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your Downfall
Splunk
 
The big deal about big data
The big deal about big dataThe big deal about big data
The big deal about big data
PamTen Inc
 
ConnXus myCBC Webinar Series: Cybersecurity Risks to Your Business
ConnXus myCBC Webinar Series: Cybersecurity Risks to Your BusinessConnXus myCBC Webinar Series: Cybersecurity Risks to Your Business
ConnXus myCBC Webinar Series: Cybersecurity Risks to Your Business
ConnXus
 
Logic1st_Paper_Backup
Logic1st_Paper_BackupLogic1st_Paper_Backup
Logic1st_Paper_Backup
Logic 1st Ltd
 
Are you GDPR compliant?
Are you GDPR compliant? Are you GDPR compliant?
Are you GDPR compliant?
TrekkSoft
 
Serianu - Data security
Serianu - Data securitySerianu - Data security
Serianu - Data security
Myles Freedman
 
Microsoft Whitepaper: Disaster Preparedness Guide
Microsoft Whitepaper: Disaster Preparedness GuideMicrosoft Whitepaper: Disaster Preparedness Guide
Microsoft Whitepaper: Disaster Preparedness Guide
DWP Information Architects Inc.
 
A Day in the Life of a GDPR Breach - September 2017: France
A Day in the Life of a GDPR Breach - September 2017: France A Day in the Life of a GDPR Breach - September 2017: France
A Day in the Life of a GDPR Breach - September 2017: France
Splunk
 
Law Firm Security: How to Protect Your Client Data and Stay Compliant
Law Firm Security: How to Protect Your Client Data and Stay CompliantLaw Firm Security: How to Protect Your Client Data and Stay Compliant
Law Firm Security: How to Protect Your Client Data and Stay Compliant
Clio - Cloud-Based Legal Technology
 
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Ron Pierce
 
Anatomy of a Lousy Pitch: The Six Worst Presentation Habits and How You Can...
Anatomy of a Lousy Pitch: The Six Worst Presentation Habits and How You Can...Anatomy of a Lousy Pitch: The Six Worst Presentation Habits and How You Can...
Anatomy of a Lousy Pitch: The Six Worst Presentation Habits and How You Can...
Landslide Technologies
 
Ritz 4th-july-gdpr
Ritz 4th-july-gdprRitz 4th-july-gdpr
Ritz 4th-july-gdpr
Exponential_e
 
232 a7d01
232 a7d01232 a7d01
232 a7d01
SMK PRASASTI KARANG BERAHI JAMBI
 
FPRA Capital Chapter: Managing a Hack
FPRA Capital Chapter: Managing a HackFPRA Capital Chapter: Managing a Hack
FPRA Capital Chapter: Managing a Hack
Sandra Fathi
 
CYBER SECURITY and DATA PRIVACY 2022: Data Breach Response - Before and After...
CYBER SECURITY and DATA PRIVACY 2022: Data Breach Response - Before and After...CYBER SECURITY and DATA PRIVACY 2022: Data Breach Response - Before and After...
CYBER SECURITY and DATA PRIVACY 2022: Data Breach Response - Before and After...
Financial Poise
 
12th July GDPR event slides
12th July GDPR event slides12th July GDPR event slides
12th July GDPR event slides
Exponential_e
 
"We're all in this together" - educating users on the importance of cyber sec...
"We're all in this together" - educating users on the importance of cyber sec..."We're all in this together" - educating users on the importance of cyber sec...
"We're all in this together" - educating users on the importance of cyber sec...
Jisc
 
A Cybersecurity Planning Guide for CFOs
A Cybersecurity Planning Guide for CFOsA Cybersecurity Planning Guide for CFOs
A Cybersecurity Planning Guide for CFOs
gppcpa
 
The X Factor in Data Centric Security
The X Factor in Data Centric SecurityThe X Factor in Data Centric Security
The X Factor in Data Centric Security
Watchful Software
 
Thriving in the world of Big Data
Thriving in the world of Big DataThriving in the world of Big Data
Thriving in the world of Big Data
Livingstone Advisory
 
A Day in the Life of a GDPR Breach
A Day in the Life of a GDPR BreachA Day in the Life of a GDPR Breach
A Day in the Life of a GDPR Breach
Splunk
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 

Más contenido relacionado

Similar a Follow the data

The big deal about big data
The big deal about big dataThe big deal about big data
The big deal about big data
PamTen Inc
 
Logic1st_Paper_Backup
Logic1st_Paper_BackupLogic1st_Paper_Backup
Logic1st_Paper_Backup
Logic 1st Ltd
 
Are you GDPR compliant?
Are you GDPR compliant? Are you GDPR compliant?
Are you GDPR compliant?
TrekkSoft
 
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Ron Pierce
 
CYBER SECURITY and DATA PRIVACY 2022: Data Breach Response - Before and After...
CYBER SECURITY and DATA PRIVACY 2022: Data Breach Response - Before and After...CYBER SECURITY and DATA PRIVACY 2022: Data Breach Response - Before and After...
CYBER SECURITY and DATA PRIVACY 2022: Data Breach Response - Before and After...
Financial Poise
 
A Day in the Life of a GDPR Breach
A Day in the Life of a GDPR BreachA Day in the Life of a GDPR Breach
A Day in the Life of a GDPR Breach
Splunk
 

Similar a Follow the data (20)

The big deal about big data
The big deal about big dataThe big deal about big data
The big deal about big data
 
ConnXus myCBC Webinar Series: Cybersecurity Risks to Your Business
ConnXus myCBC Webinar Series: Cybersecurity Risks to Your BusinessConnXus myCBC Webinar Series: Cybersecurity Risks to Your Business
ConnXus myCBC Webinar Series: Cybersecurity Risks to Your Business
 
Logic1st_Paper_Backup
Logic1st_Paper_BackupLogic1st_Paper_Backup
Logic1st_Paper_Backup
 
Are you GDPR compliant?
Are you GDPR compliant? Are you GDPR compliant?
Are you GDPR compliant?
 
Serianu - Data security
Serianu - Data securitySerianu - Data security
Serianu - Data security
 
Microsoft Whitepaper: Disaster Preparedness Guide
Microsoft Whitepaper: Disaster Preparedness GuideMicrosoft Whitepaper: Disaster Preparedness Guide
Microsoft Whitepaper: Disaster Preparedness Guide
 
A Day in the Life of a GDPR Breach - September 2017: France
A Day in the Life of a GDPR Breach - September 2017: France A Day in the Life of a GDPR Breach - September 2017: France
A Day in the Life of a GDPR Breach - September 2017: France
 
Law Firm Security: How to Protect Your Client Data and Stay Compliant
Law Firm Security: How to Protect Your Client Data and Stay CompliantLaw Firm Security: How to Protect Your Client Data and Stay Compliant
Law Firm Security: How to Protect Your Client Data and Stay Compliant
 
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
Free Report 16 Critical Questions You Must Ask Before Hiring Any IT Company -...
 
Anatomy of a Lousy Pitch: The Six Worst Presentation Habits and How You Can...
Anatomy of a Lousy Pitch: The Six Worst Presentation Habits and How You Can...Anatomy of a Lousy Pitch: The Six Worst Presentation Habits and How You Can...
Anatomy of a Lousy Pitch: The Six Worst Presentation Habits and How You Can...
 
Ritz 4th-july-gdpr
Ritz 4th-july-gdprRitz 4th-july-gdpr
Ritz 4th-july-gdpr
 
232 a7d01
232 a7d01232 a7d01
232 a7d01
 
FPRA Capital Chapter: Managing a Hack
FPRA Capital Chapter: Managing a HackFPRA Capital Chapter: Managing a Hack
FPRA Capital Chapter: Managing a Hack
 
CYBER SECURITY and DATA PRIVACY 2022: Data Breach Response - Before and After...
CYBER SECURITY and DATA PRIVACY 2022: Data Breach Response - Before and After...CYBER SECURITY and DATA PRIVACY 2022: Data Breach Response - Before and After...
CYBER SECURITY and DATA PRIVACY 2022: Data Breach Response - Before and After...
 
12th July GDPR event slides
12th July GDPR event slides12th July GDPR event slides
12th July GDPR event slides
 
"We're all in this together" - educating users on the importance of cyber sec...
"We're all in this together" - educating users on the importance of cyber sec..."We're all in this together" - educating users on the importance of cyber sec...
"We're all in this together" - educating users on the importance of cyber sec...
 
A Cybersecurity Planning Guide for CFOs
A Cybersecurity Planning Guide for CFOsA Cybersecurity Planning Guide for CFOs
A Cybersecurity Planning Guide for CFOs
 
The X Factor in Data Centric Security
The X Factor in Data Centric SecurityThe X Factor in Data Centric Security
The X Factor in Data Centric Security
 
Thriving in the world of Big Data
Thriving in the world of Big DataThriving in the world of Big Data
Thriving in the world of Big Data
 
A Day in the Life of a GDPR Breach
A Day in the Life of a GDPR BreachA Day in the Life of a GDPR Breach
A Day in the Life of a GDPR Breach
 

Último

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 

Último (20)

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 

Follow the data

  • 1. Follow the DataFollow the Data Dave PotterDave Potter Mainplus Technology
  • 2. 27th May 2018 3 Why me? ● Started in IT in 1977Started in IT in 1977 ● Managed computer operations and technical support for a largeManaged computer operations and technical support for a large proportion of that timeproportion of that time
  • 3. 27th May 2018 4 ` ● It’s the right thing to do!It’s the right thing to do! ● WeWe sub-contract responsibility but not accountability.sub-contract responsibility but not accountability. ● Ensure suppliers will protect our dataEnsure suppliers will protect our data ● GDPR and the UK equivalentGDPR and the UK equivalent ● https://wordpress.tv/2017/11/12/heather-burns-designing-for-data-protection/https://wordpress.tv/2017/11/12/heather-burns-designing-for-data-protection/ ● https://wordpress.tv/2016/11/01/heather-burns-get-to-grips-with-gdpr/https://wordpress.tv/2016/11/01/heather-burns-get-to-grips-with-gdpr/ ● https://wordpress.tv/2017/11/11/claude-saulnier-4-steps-to-tackle-the-forthcoming-changes-in-https://wordpress.tv/2017/11/11/claude-saulnier-4-steps-to-tackle-the-forthcoming-changes-in- data-privacy-law/data-privacy-law/ ● Protection from virus’, WordPress© security, Security pluginsProtection from virus’, WordPress© security, Security plugins ● http://wordpress.tv/2016/08/09/tim-nash-security-is-everyones-responsibilityhttp://wordpress.tv/2016/08/09/tim-nash-security-is-everyones-responsibility// Caring for our users’ data
  • 4. 27th May 2018 5 The user “Hello Computer”
  • 5. 27th May 2018 6 The Datacentre
  • 6. 27th May 2018 7 ● What legislative jurisdiction(s) applyWhat legislative jurisdiction(s) apply ● Where is/are the data center(s) located?Where is/are the data center(s) located? ● Who owns the infrastructure in the data centre?Who owns the infrastructure in the data centre? ● Who has control of who can access data?Who has control of who can access data? ● What is the policy and process if a government agency asks forWhat is the policy and process if a government agency asks for access to data?access to data? Jurisdiction
  • 7. 27th May 2018 8 ● AndorraAndorra ● ArgentinaArgentina ● Canada (commercial organisations)Canada (commercial organisations) ● Faroe IslandsFaroe Islands ● GuernseyGuernsey ● IsraelIsrael ● Isle of ManIsle of Man ● JerseyJersey ● New ZealandNew Zealand ● SwitzerlandSwitzerland ● UruguayUruguay ● US (limited to the Privacy Shield framework)US (limited to the Privacy Shield framework) Recognised by EU as providing adequate protection.Recognised by EU as providing adequate protection. Adequacy
  • 8. 27th May 2018 9 ● Replaced Safe harbour July 2016Replaced Safe harbour July 2016 ● Allows companies to self certifyAllows companies to self certify ● As of today - over 2,739 companies certified by the U.S.As of today - over 2,739 companies certified by the U.S. Department of Commerce.Department of Commerce. https://www.privacyshield.gov/listhttps://www.privacyshield.gov/list ● On the commercial side, the WP29 called for details on theOn the commercial side, the WP29 called for details on the handling of HR data, automated decision-making and clarity onhandling of HR data, automated decision-making and clarity on available recourse for data subjects.available recourse for data subjects. ● On the national security side the WP29 “regrets” PresidentialOn the national security side the WP29 “regrets” Presidential Policy Directive 28 - surveillance activities need to safeguardPolicy Directive 28 - surveillance activities need to safeguard personal information regardless of where the person resides -personal information regardless of where the person resides - still subject to Presidential privilege.still subject to Presidential privilege. ● European officials unhappy about US stalling on promising notEuropean officials unhappy about US stalling on promising not to force companies to hand over their data secretly to theto force companies to hand over their data secretly to the intelligence services.intelligence services. Privacy Shield
  • 11. 27th May 2018 12 ● Are free SSL certificates provided (“Let’s Encrypt”)?Are free SSL certificates provided (“Let’s Encrypt”)? ● SFTP and SSH access?SFTP and SSH access? ● What backup facilities are provided?What backup facilities are provided? ● Where are they stored?Where are they stored? ● ...... shall not be responsible nor be liable for any loss, damage,shall not be responsible nor be liable for any loss, damage, costs or expenses or other claims howsoever arising forcosts or expenses or other claims howsoever arising for compensation for any data, file or other material being damaged,compensation for any data, file or other material being damaged, corrupted, lost or otherwise affected.corrupted, lost or otherwise affected. ● WP-CLI?WP-CLI? ● Wordcamps are a great place to find out information!Wordcamps are a great place to find out information! Hosting
  • 12. 27th May 2018 13 Who Pulled the Plug? https://mediatemple.net/community/products/dv/204404134/faq:-i-received-a-notice-that-my-dv-server-has-been-temporarily-disabled. FAQ: I RECEIVED A NOTICE THAT MY DV SERVER HAS BEEN TEMPORARILY DISABLED Greetings. If you are reading this, most likely you have received a notice regarding a spike in network activity on your (mt) Media Temple service. When network overuse is detected, our system will shutdown your VPS (virtual private server) to curtail the overuse of resources. Please note: We want your service to be back online and functioning in a healthy manner ASAP. In this brief article, we will cover important information to help you understand and resolve any outstanding issues. https://mediatemple.net/community/products/dv/204404134/faq:-i-received-a-notice-that-my-dv-server-has-been-temporarily-disabled.
  • 14. 27th May 2018 15 ● Where does encryption take place?Where does encryption take place? ● At the server or at the origin?At the server or at the origin? ● Who has access to encrypted data?Who has access to encrypted data? ● What backup facilities are provided?What backup facilities are provided? ● Version recovery?Version recovery? ● Do they provide a DPA?Do they provide a DPA? Cloud Storage
  • 15. 27th May 2018 16 Backups It’s a backup Jim, butIt’s a backup Jim, but not as we know it!not as we know it!
  • 17. 27th May 2018 18 ● Share you plan with your customers and visitors.Share you plan with your customers and visitors. ● Agree service levelsAgree service levels ● Use you plan and ability to set SLAs as a selling tool.Use you plan and ability to set SLAs as a selling tool. Market your plan
  • 18. 27th May 2018 19 Jurisdiction Access to your data? Free SSL certificates SFTP and SSH access WP-CLI Juristriction Encryption Version recovery Plans Backups Let’s recap
  • 19. 27th May 2018 20 If you know where your backups are when all about youIf you know where your backups are when all about you Are losing theirs and blaming it on the hostAre losing theirs and blaming it on the host If you can trust your recovery plan, when all doubt what to doIf you can trust your recovery plan, when all doubt what to do But make allowance for unexpected issues tooBut make allowance for unexpected issues too If you can be calm and communicate while recoveringIf you can be calm and communicate while recovering Or being shouted at, have all the answersOr being shouted at, have all the answers Or being hassled, don’t give way to panickingOr being hassled, don’t give way to panicking And yet don’t look to good, nor blame it on others:And yet don’t look to good, nor blame it on others: If you can talk with support and keep your pride,If you can talk with support and keep your pride, ' Or walk with techies - nor lose the common touch,' Or walk with techies - nor lose the common touch, if neither data loss nor recovery format can hurt you,if neither data loss nor recovery format can hurt you, If all customers count with you, but none too much;If all customers count with you, but none too much; If you can fill the unforgiving minuteIf you can fill the unforgiving minute With sixty seconds' worth of data recovered,With sixty seconds' worth of data recovered, Yours is the Website and everything that's in it,Yours is the Website and everything that's in it, And - which is more - you'll still be in business, my son!And - which is more - you'll still be in business, my son! With apologies to Rudyard Kipling.
  • 20. 27th May 2018 21 Image attributions: - Leo Lintang - ramcreative Dave PotterDave Potter http://mainplus.co.uk dave@mainplus.co.uk @MainplusUK