Blog posts by Mike Small

Can users do a good job of classifying unstructured data? Tim Upton, president of Titus told the attendees at NISC in St Andrews Scotland that he believes they can. He cited figures that indicate most data breaches are due to mistakes rather than deliberate misuse or theft. It should be noted that Titus provides software that allows users to do just that when they create an e-mail, document, presentation or other similar kinds of files. When they create the object the software will prompt them to classify it according to a predefined set of categories. These categories can match a...

Symantec recently announced their Endpoint Management Strategy and Release 7.1 of the Altiris product.  Managing the software patch level and software licenses on desktops, laptops, and mobile devices is a significant workload for organizations.  This work is essential to protect the devices, the information that they contain and to comply with licensing and other matters.  However it does not, in itself, add organizational value. This kind of management is technically very challenging and needs sophisticated tools to meet these challenges.  According to DHL’s Jan Trnka Global...

In Brussels on March 22nd Neelie Kroes, Vice-President of the European Commission responsible for Digital Agenda European Cloud Computing Strategy, made a speech at the opening of the Microsoft Centre for Cloud Computing and Interoperability. In this she said “...to offer a true utility in a truly competitive digital single market, users must be able to change their cloud provider easily. It must be as fast and easy as changing one’s internet or mobile phone provider has become in many places...” So what are the difficulties to achieving that goal and how far are we away from it now?...

Identity Management – Process or Technology? RSA recently announced SEC 8-K filing a security breach, relating its SecureID authentication technology.   This reopens the question of which is the most important factor in identity management – processes or technology? One line of thinking has been that the major cause of identity theft and data loss is poor process and that strengthening the process is the key approach. Strong processes are indeed required but a strong process can be undermined by a weakness in  technology.   Authentication: The electronic...

Last week I had the privilege of attending a seminar at which Peter Hustinx, the EU Privacy Commissioner outlined the future approach on personal data protection in the European Union.   This approach includes “a right to be forgotten” as well as mandatory data breach reporting.   Given that the WikiLeaks website has recently released 2.5 million documents that were supposedly “private” reports by US embassies - you might ask “what does privacy mean?”  Well privacy in this context is more narrowly defined to be privacy of personal information. In the EU privacy is based on the...