Month: February 2014

Low-risk identifiers in Access Management

Post author By Andrew Cormack
Post date 14 February 2014
No Comments on Low-risk identifiers in Access Management

The Information Commissioner’s analysis of the European Parliament’s amendments to the draft Data Protection Regulation discusses the wide range of information that falls within the definition of “personal data” and gives examples that seem particularly relevant to identity federations. The Information Commissioner considers that identifiers pose a higher privacy risk if they are “interoperable”. Since […]

Tags Access Management, Data Protection Regulation

Articles

Swiss law on malware-infected domains

Post author By Andrew Cormack
Post date 14 February 2014
No Comments on Swiss law on malware-infected domains

The recent TF-CSIRT meeting in Zurich included a talk by the Swiss telecoms regulator (like ours, called Ofcom, though their ‘F’ stands for Federal!) on the law covering websites in the .ch domain that distribute malware, normally as the result of a compromise. Under this law a designated authority can order the temporary or permanent […]

Tags #TFCSIRT, Botnets, DNS, Incident Response, Malware

Articles

Travelling with encrypted devices

Post author By Andrew Cormack
Post date 11 February 2014
No Comments on Travelling with encrypted devices

Most portable devices – laptops, smartphones and memory sticks – should be encrypted so that the information they contain is protected if the device is lost or stolen. Many countries (including the UK) give their immigration and other authorities legal powers to demand that you decrypt an encrypted device though given the number of laptops […]

Tags Data Protection Regulation, Encryption, Information Security