European e-privacy regulation

As the name says, the European e-privacy regulation, replaces the 2002 (revised, 2009) e-privacy directive with a new instrument, turning a directive into a regulation. As a reminder, directive is a regulatory instrument that has to be implemented in each … Read More

Digital Identity

Digital Espionage

James Bond, Ethan Hunt, Maxwell Smart, Johnny English have all been turned into relics. The Mission Impossible franchise is still up & running, but in the real world, the dark allies, wide brimmed hats and meetings on a park benches … Read More

Equifax Breach Under GDPR

The big Equifax breach has been on the headlines for over a week. If you’re not aware of it – please google it. There are a lot of blogs and articles out there. This will be one of those blogs. … Read More

GDPR Configuration Tip #2 – Minimum information collection and disclosure

In this series we look at practical tips on how to configure the Ubisecure Identity Platform for GDPR compliance. This second entry deals with GDPR compliance in terms of data collection and disclosure and how your organization can move towards … Read More

The Importance of Sticking to Your (Information) Security Policies and Procedures When Outsourcing

The recent classified data breach in Sweden is destabilizing the government. The story that has gradually been breaking out this summer is quite astonishing. At the time of the writing of this blog the Swedish government is regrouping after the … Read More

The New NIST Digital Identity Guidelines (SP 800-63-3)

NIST (National Institute of Standards and Technology) published the new guidelines on digital identity on June 22nd, 2017. The most notable change is the retirement of the concept of Level of Assurance (LoA) as an evaluation criteria when it comes … Read More

Preparing for general data protection regulation

Preparing for General Data Protection Regulation (GDPR) – part IV

Guest blogger Richard Hancock continues his series on GDPR preparation.   Today is a very important day.  Exactly 1 year / 12 months / 52 weeks / 365 days, until enforcement of the biggest revolution in data protection, subject’s rights … Read More

Preparing for general data protection regulation

Preparing for General Data Protection Regulation (GDPR) – part III

Guest blogger Richard Hancock continues his series on GDPR preparation.   In my second blog on GDPR we mentioned two of the major mitigating preventative measures provisioned for within the GDPR – pseudonymising and encryption.  Today, we’re going to look … Read More

Preparing for general data protection regulation

Preparing for General Data Protection Regulation (GDPR) – part II

Guest blogger Richard Hancock continues his series on GDPR preparation.   In my last GDPR blog, I gave you an overall summary of the 2018 regulation.  Now I’m going to delve into some of the finer detail. Let’s start with … Read More

Preparing for general data protection regulation

Preparing for General Data Protection Regulation (GDPR)

In May 2016 the biggest shake up of data protection in its history was ratified in the form of the EU General Data Protection Regulation (GDPR). The GDPR is designed to support the needs of a digital world that is … Read More