Tech me for the weekend!

I’ve produced a podcast for the weekend post over the last couple of months, giving a round up of good podcast content I’d caught over the week that you may of missed.

Well never one to stand still I’m stretching the scope of this post to include blogs and articles as well as podcasts.. so just things that have caught my eye and that you may of missed in your busy week.

I’ll eventually get around to change the post graphic… but heah it’s the weekend so the old one will do for now!

Podcasts

Let’s start with some listening pleasure – a couple of shows you may enjoy –

Speaking in Tech – Hacking Microsoft Windows

One of the industries bigger shows, so perhaps doesn’t need my promotion, but in a bit of a different episode, the team are joined by Chris Wysopal, noted hacker and CTO/co-founder of Veracode, as they talk about application security and how the world is changing and how our approach to security needs to change too.

Speaking in Tech

CTO Advisor – DevOps from the ground up

Keith Townsend delivers another show (only short about 13 minutes) doing a bit of a DevOps revisit, some great points covered with guest, Cloud Architect Jon Hildebrand, as they discuss what DevOps is and the cultural shift you need for it to work.

CTO Advisor

Storage Unpacked

Referenced this show before, run by a team of tech analysts who delve into the world of storage, this week an interesting chat with Chris Wahl of Rubrik, as they look at the secondary storage market place and how gaining value from data is becoming a significant part of the “backup data” market and how it’s changing how we protect our data.

It’s all about the data people!

Storage Unpacked

To round up the bumper selection of podcasts.. a bit of self promotion..

First up I got the chance to appear on the Veeam community podcast, discussing the work I do around data security and privacy, the impact of the upcoming GDPR legislation and how to build solid ransomware defences, all that and more with Veeam’s Michael Cade.

Veeam Community Podcast

And of course the most recent Tech Interviews – as I chatted with Mark Carlton about data fabrics, what they are and why they are an important part of your modern data strategy. Mark shares his experiences building a NetApp data fabric and the problems its helped him solve.

Weaving a data fabric – Mark Carlton – Ep 23

The Articles

As an additional gift, I thought I’d add a list of interesting articles I’ve read over the last week as well;

How GDPR could affect your business

Fresh from his Tech Interview adventures Mark Carlton shares his thoughts on GDPR and how it may affect your business. Read it here

Data Storage: The Need For Flexibility And Scalability

This one from Forbes talking about modern data storage, what interested me here was it supported the view that the storage conversation needs to be much wider, looking at a holistic data strategy not just disks and flashing lights. Find it here

10 Digital Workplace Trends Shaping the Future of Work

This article talks about the challenges that business are coming up against as they try to embrace new methods of working in enterprises that are not really ready for it! Read it here

What I’ve Learned about GDPR

Last up my own GDPR focussed post, as I look at some of the things I’ve learned as I’ve immersed myself in the GDPR world over the first part of 2017, I look at what it is, what it isn’t, where technology plays a part and why it is something to embrace and not fear! Enjoy it here

Hopefully that should keep you busy… if there’s anything that I’ve missed hit me up @techstringy on the twitters and let me know – have a great weekend

 

 

 

What I’ve Learned About GDPR

The EU’s General Data Protection Regulation (GDPR) that comes into effect in May 2018 is a subject that has moved to the top of many a list of priorities and is going to have a major effect on how we handle personal data.

Over the last year, I’ve spoken with businesses about their data security, how to avoid data loss, leaks and insider threats. However, over the first 3 months of this year (2017) this conversation, driven by GDPR, has shifted to compliance and privacy.

However, it’s evident that not everyone is either aware of the forthcoming changes or how to build privacy and security policies to deal with the complex problems it presents.

Over the last few months I’ve been pretty absorbed in the world of GDPR and thought it’d be useful to share a few of the things I’ve learned that may help you with your own privacy and security strategy.

It’s complicated

GDPR is a complicated bit of legislation, its scope is vast and too some degree we will all be affected, whether as organisations having to sort out our compliance or as individuals whose data will fall under the scope of the regulation, we will see lots of changes.

Remember it is a complex bit of legislation, which leads to…

Good news, GDPR is not an IT problem

It’s true, it’s a legal and compliance issue, not an IT one, just because we are talking about data, an organisation cannot say, “it’s data so can’t IT just sort it out?”

Absolutely not, IT will be a critical partner for helping to deliver compliance, but only in the same way the Board, HR, Finance or anyone who touches data is going to be a key partner in maintaining compliance.

Is your organisations view of GDPR that it is only an IT problem? If it is then you need to look at how you educate them, quickly, that it isn’t!

Roughly what is it?

We’ve heard what it isn’t so what is it?

In its simplest form it is updated legislation, replacing the EU’s data protection directive, but it goes beyond updating, growing in scope and potential penalties for noncompliance.

To quote the EU ;

The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.

The goal of GDPR is too ensure the personal data held about us can only be used for the purposes it was gathered for and is treated with due care to ensure it is not abused by those who would wish to exploit it.

It’s privacy, not security

One of my go to people when it comes to data privacy is NetApp’s Sheila Fitzpatrick, Sheila is a data privacy attorney with nearly 35 years’ privacy experience and is NetApp’s data privacy officer and global privacy counsel.

Sheila makes the point that data security, IS NOT data privacy.

Data privacy is much wider in scope than just security, Sheila likes to use the example of a data privacy wheel, where security is just one spoke on that wheel.

When designing data privacy solutions, we should understand the full lifecycle of the personal data we collect, assess, process and use, from the minute we collect it until we finally destroy it.

If your organisation is looking at GDPR and saying, “isn’t that just more of that IT security stuff” then it’s time to educate again, it’s so much more than just security.

Will it affect me? Does it matter if I’m not in the EU?

Both valid and common questions, the answer, pretty much every time is a resounding yes. It doesn’t matter is you are inside or outside of the EU.

Location is irrelevant, if you hold data on EU citizens, regardless of where you are based, then you will fall under the scope of GDPR.

What about putting data in the cloud?

Cloud presents an interesting issue, as actually does the placing of data with any 3rd party, as the data controller, you are ultimately responsible for what happens to it. The general advice is to ensure two things, if you are passing your data to someone to process ensure that you have a clear contract in place with them.

If you are looking to a cloud provider, then ensure they have appropriate data privacy policies and safeguards in place so that you are not exposed to risk.

What should I do?

What are some steps you should be taking?

Dealing with GDPR is going to be a constant challenge so it’s important to get started, here’s where I’d start;

  • What are my current policies and are they appropriate?
  • Understand your current data, where is it, how much do I have, who has access, what does it contain?
  • Why do you have that data and why do you collect it.
  • Educate your business, so that from top to bottom people understand the importance of data privacy and the impact that this new regulation will have.
  • Deliver your GDPR compliance plan.

You’ll notice there is very little technology highlighted in those initial steps, maybe something to help you to understand your current data sets, but apart from that, it’s policies, procedures and education.

Technology will have a place, in reality, you are going to find it hard to remain compliant without some technical tools and resources to help you do it.

What have I learned?

There is lots too learn!

It’s complex, it’s not a technical problem with a “silver bullet” to fix it. It is a business legal and compliance issue.

The most interesting thing I’ve discovered though, is even if GDPR wasn’t something we had to comply with, it is something that contains such a level of good and sensible practice it is something that we would want to adopt anyway.

Because in the end, it’s all about our data, let’s keep it secure and private.

For more GDPR resources try out some of the following;

EU GDPR Site

UK Information Commissioners Office

You can also check out a friend of mine, Mark Carlton and an excellent GDPR post he recently published.

How GDPR could affect your business

I also did a series of podcasts to support a recent event that we ran, they cover GDPR in broad terms as well as looking at some specifics on data management and how to work with your people, feel free to check them out;

Best Take Care Of Those Crown Jewels – Sheila Fitzpatrick – Ep 17

Don’t Build Your Data Privacy House Upside Down – Sheila Fitzpatrick – Ep 18

What you don’t know, may hurt you – John Hughes – Ep 20

Make People Our Best Data Security Asset – Dom Saunders – Ep 19

.

Podcasts for the weekend – 6th April 2017

Another weekend rolls around, so what podcasts are going to keep you wrapped warm in a blanket of tech knowledge?

Picked up a handful of good listens this week to share;

So here goes;

Microsoft Partner Network – Personal branding and social selling

Social networks have no doubt changed the way that we look to interact, look to sell and of course look to buy. But it’s also become an important part of career development for many of us. This episode of the Microsoft partner podcast brings in Microsoft Director of Business strategy Jen Sieger to talk about how personal branding and thoughtful social selling can help to grow your business and career.

MS Partner Podcast

Datanauts – Transitioning to a less technical role

An interesting part of career development for many of us, is that time when we decide we need to step back from the tools and pursue a less technical role, maybe one that is more management, strategic or technical marketing. Now although this is not for everyone, for those that do want to make that shift, it isn’t often that easy.

This episode Tom Hollingsworth shares with the Datanauts team how he managed that move, how he balanced the less hands on with his want to maintain his technical knowledge and how he looks at whether to keep his certifications.

Datanauts – Transitioning to a less technical role

Cloudcast – VMware beyond virtualisation

Not sure if I’ve mentioned this podcast before, but it’s a well established goodie, this is episode 292 and talks with Chris Wolf, VP & CTO, global field & industry at VMware, as they discuss emerging trends in the enterprise as well as looking a little into the crystal ball of tech to see what we can expect to see coming in the not too distant future.

Cloudcast – VMware beyond virtualisation

Tech interviews – Availability as part of digital transformation

This week I was joined by serial Tech Interviews offender Michael Cade of Veeam. He’s been talking to me for a few months now about this idea of Availability as part of digital transformation, so I thought it was about time I got him on to explain himself.

So I did!.. we discuss the what we mean by digital transformation, what risks that introduces and how we need to ensure we maintain traditional availability design principles, or else we may find we are going to not only impact our technology, but our business too…

Availability as part of digital transformation – Michael Cade – Ep 22

I hope you enjoy the shows, if you have some podcasts you’d like to share, tweet me @techstringy and let me know…

 

Podcasts for the weekend 24th March

Another weekend – another couple of tech podcasts you may want to give a listen to…

MS Partner Podcast

This is a relatively new one for me and although it’s pitched at Microsoft partners, there is lots of great general technical and IT career information in there.

This is quite an old episode I came across from last year, a chat with Christian Buckley, talking about why companies should hire technology evangelists, not only why they should, but how that role can be a huge benefit.

Well worth a listen if you are interested in that kind of career move or wondering if it the kind of role your business needs;

MS Partner Podcast

Veeam Community Podcast

Missed this one last week (sorry!), Veeam are one of my favourite software companies and have had a long established communities podcast.

However it has had a little hiatus, but now it’s back, with a new host in Michael Cade (@MichaelCade1) – in this new show, he picks on one of my favourite technologies with another podcast favourite VMware’s Pete Flecha veeamcommunitypodcastlogo(@vPedroArrow)as they discuss VMware’s VVOLS technology, what that delivers and why it’s a smart technology. There is also a great chat about tech community on the end.. great show, looking forward to more;

Veeam Podcast

Tech Interviews

As always, a plug for my own show here to.. this week I chat with John Hughes of Varonis, as we discuss the important of data and user insights as we continually look at how we better understand and secure our data.techstringy interviews logo

“If you don’t know about it, you can’t protect it”

What you don’t know, may hurt you – John Hughes – Ep 20

 

Enjoy the shows and have a great weekend.

 

 

 

 

 

What you don’t know, may hurt you – John Hughes – Ep 20

We are all familiar with the saying “what you don’t know, won’t hurt you”. Well in the world of data management, security and privacy the opposite is most definitely true.

For most of us, as our organisations become more digital, we are increasingly realising the value of our data, how big an asset it is and how important maintaining it is.

However, although we understand how valuable our data is, we actually have very little insight into what is happening to it on a day to day basis.

Ask yourself, do you know exactly what data you have across your business, do you know exactly who has access to it, where it is stored, when it gets accessed, if it even gets accessed and when it’s accessed what gets done with it?

In my time administering IT systems, or working with those that do, I’ve lost count of the amount of times I’ve been asked “who changed that file”, “who deleted that file?”, “can you tell me the files that a user has accessed and copied to a USB stick?” the answer is normally no, and it’s normally no, because our standard storage solutions can’t tell us.

Imagine a logistics company asking questions like, “who’s driving that lorry”, “who was the last person to drive it?”, “where is Fred taking that lorry?”, “can you tell me the type of lorries we have?” and been told, no, we don’t know any of that information, ridiculous right? Yet we do that with our data asset.

We have talked in recent episodes about the threat to our data security and privacy, be it policies or procedures or our people. Just as significant a threat is the inability to fully understand what is going on with our data sets, a lack of insight and analysis means it’s very easy for our data to be abused, lost and stolen without us having the slightest knowledge of it happening.

That’s our focus this week, in the last of our data security & privacy episodes, I chat withjohn hughes John Hughes of Varonis. Varonis provide data analytics and insights into how we use our data, what our data is, who is using it, what it’s used for and if it’s even used at all.

We discuss a little of the history of Varonis, why data insight is so critical, why it’s a cornerstone of our ability to meet compliance requirements and how it’s a crucial part of our defence against data security attacks.

Enjoy the show and thanks for listening.

To find out more about Varonis;

Check out varonis.com

Have a look at their excellent range of BLOGS at blog.varonis.com and of course follow them on twitter @varonis

You can also request a free GDPR data assessment via their website

If you want to learn more about any of the topics in this series, and you are in the North West England on April 5th, you can join me and a range of speakers at www.northwestdataforum.co.uk

You can find the previous 3 episodes in this series here;

Best Take Care Of Those Crown Jewels – Sheila Fitzpatrick – Ep 17

Don’t Build Your Data Privacy House Upside Down – Sheila Fitzpatrick – Ep 18

Make People Our Best Data Security Asset – Dom Saunders – Ep 19

If you’ve enjoyed this episode, then why not subscribe;
Subscribe on Android

http://feeds.soundcloud.com/users/soundcloud:users:176077351/sounds.rss

Podcasts for the weekend 17th March 2017

It’s Friday, what on earth am I going to do with a weekend away from the world of tech?

Don’t worry my friends, take some tech with you by way of these fine tech podcasts…

Tech ONTAP

The NetApp boys are in again this week, another cracking episode, this time talking with NetApp CTO Dr. Mark ep77Bregman as they brush off their crystal ball to discuss the future of data and how it is the new business currency.

Tech ONTAP Ep 77 – 2017 CTO Predictions

 

Observed Tech Podcast

If you have an interest in all things Windows, then the excellent Rich Hay (better known as @winobs on the twitters)  shares the latest in what is happening in the world of Microsoft Windows.

A great info packed podcast and certainly keeps you bang up to date with the world of Windows and beyond.

In this episode plenty of insider builds, as well as a sprinkling of XBOX and the Google Cloud Next Conference.

Observed Tech Ep 221

IT Governance

This is a handy little show – only 3-4 minutes long, but provides a great round up of data security news, talking latest threats, breaches and information around IT Governance and Security.

Always 5 minutes well spent this.

IT Governance Podcast

Tech Interviews

And if all that isn’t enough – why not give Tech Interviews a listen, as this week we discuss the human side of data security and privacy. How do we turn our people into our best security asset?dom saunders

That’s the challenge that NETconsent’s Dom Saunders helps me to take on, so if you want your people as part of your data security armoury, this could be just the show for you.

Make People Our Best Data Security Asset

 

 

 

 

 

 

Podcasts for the weekend 10th March

It’s Friday, so I know what you are asking, What on earth should I be loading up into my podcast players for some weekend tech listening Uncle Techstringy?

Well I am glad you asked, here’s some shows I’ve heard this week, that I think are well worth sharing;

Tech ONTAP

This is the NetApp podcast, always a great resource for learning about NetApp technologies and strategy, occasionally though, they also bring atechontap ep76 with yahoo topic with wider appeal for those who are a non NetApp audience, and this is one such episode.

Yahoo’s Jeff Mohler joins the team to talk about how Yahoo develop their infrastructure and the methodologies they use to measure performance, troubleshoot and deploy technology and how they have built their own tools for doing so.

Tech ONTAP Episode 76

Arrow Bandwidth

A little double header here. Arrow ECS are a global technology distributor so not necessarily a name you’d be familiar with. However our hosts David Fearne andarrow-bandwidth-logo-header Rich Holmes bring together shows covering a wide range of topics.

These two shows are looking at technology predictions for 2017. A lot of things I’m on board with, especially around data, management, security and analytics. I’d agree that they are all going to be things we see develop significantly this year.

Have a listen to the two episodes and see what you think;

Tech Trends Part 1

Tech Trends Part 2

Freakonomics

A bit off topic this one… some of you maybe familiar with the very successful Freakonomics book, but the equally excellent podcast is always thought provoking and quick to challenge common held perceptions.freakanomics

This episode from a couple of weeks ago caught my attention, as it looked at the visual effects industry and how it’s possible for a seemingly very successful industry to be derailed by the effect of things outside of their control.

Always worth a listen.

No Hollywood ending for the visual effects industry

Tech Interviews

No list is complete without my own podcast. This week is part 2 of my chat with Sheila Fitzpatrick regarding data privacy.022617_1149_Besttakecar1.jpg

We pick up on the specific effect of GDPR on the UK and the wider impact on countries outside of the EU. We then take on the challenge of how do we start to build our data privacy policies and controls.

The focus is, make sure you get your foundations right, because without that, we may well find out data privacy house falling down.

Check it our here;

Don’t Build Your Data Privacy House Upside Down – Sheila Fitzpatrick – Ep 18

Enjoy the podcasts and have a great weekend.