Categories
Articles

Progress on a European approach to Cloud Computing

The ASPIRE study on the future of National Research and Education Networks calls for European NRENs to work together on a common approach to cloud computing. The European Commission has just published a Cloud Strategy that also seeks a common European approach, noting that “faced with 27 partly diverging national legislative frameworks, it is very […]

Categories
Articles

ENISA on cyber incident reporting

ENISA have  published an interesting report on cyber incident reporting. Their scope is wide – incidents range from the failure of a certificate agency to storms creating widespread power (and therefore connectivity) outages. In each of these areas they find a common pattern, where governments are trying to encourage (or mandate) notification of incidents in […]

Categories
Presentations

Cooperation between CERTs and Law Enforcement

I participated in an interesting discussion last week at ENISA’s Expert Group on Barriers to Cooperation between CERTs and Law Enforcement. Such cooperation seems most likely to occur with national/governmental CERTs but I’ve been keen to avoid recommendations that they be given special treatment, not least because of the risk that such treatment might actually […]

Categories
Articles

BYOD toolkit

The US Government’s CIO Council has published an excellent toolkit to help organisations develop appropriate policies for employees to use their own laptops and smartphones for work (known as Bring Your Own Device or BYOD). The toolkit identifies three different technical approaches to controlling the security of the organisation’s information: Use virtualisation so that the […]

Categories
Articles

Defamation Bill – Clarifications on Third Reading

The Defamation Bill completed its passage through the House of Commons this week with only minor changes to the provisions for third party postings on websites: A new power (New Clause 1) will be created for a court to order takedown of an article if it has been the subject of a successful defamation case. […]

Categories
Articles

Federations: next challenges

Last week’s REFEDs and VAMP meetings in Utrecht invited identity federations to move on to the next series of technical and policy challenges. Current federations within research and education were mostly designed to provide access to large commercial publishers and other services procured by universities and colleges for their individual members. Services and arrangements are […]