Use longer passwords. With 15 characters and avoiding obvious words you’ll be quite safe.
Use an easy way to recall your passwords. Use motivational passphrases.
Privacy by design (PbD) is meant to tackle privacy throughout the whole cycle of activities that together allow an organization to handle personal data for their purposes.
The intention is to invest sooner in privacy thus reducing untimely measures to fix personal data misuse.
A brief lookup on the topic will bring up the goal of having privacy by design done to such an extent that you actually won’t need to protect personal data at all (because there won’t be any left). Also, there’s some criticism about PbD’s vagueness. This stems from its origin as a set of principles as we will see next, which to me is a good sign in favor of its usefulness.
It started in Canada, with Ann Cavoukian, the former Information & Privacy Commissioner of Ontario, and her PbD principles, known as the Ontario model:
Whenever we go for principles, actually doing it is not immediate – that’s the point (because, hey, they’re generic and meant to keep in mind – not operational, rather supporting operational decisions).
To focus our initiative we can piggyback on data mapping and privacy impact assessments. These are opportunities to identify the parts where there’s a need to intentionally introduce privacy by design.
The ICO gives concrete examples where privacy by design should be considered and applied. Specifically, contexts where things change. Both from inside and outside:
Like with security in general, by embedding checks in the right moments we can go a long way without too much extra work. Take these ways to simplify as a starting point in your PbD journey:
As with other efforts, it’s sensible to embed these in existing processes and procedures, which include project management, development, and support codified practices (it’s easier to change existing organizational habits than to introduce new ones, wouldn’t you agree?).
Next post I will go for breach notification (and yes, GDPR has fines for this too).
I want you to benefit from some starting points below. I’ll get better at it, promise.
Books
Two half-meter book piles are now beside my bed. I may need shelves before they dangerously rival Pisa’s tower. Better have fewer books around I guess. Three quite different suggestions:
“Of course, it is very important to be sober when you take an exam. Many worthwhile careers in the street-cleansing, fruit-picking and subway-guitar-playing industries have been founded on a lack of understanding of this simple fact.”
Doing
Things I am doing and… improving:
Breathing
I’ve used the word fast too many times in this post. I suggest you try this if you ever feel like going too fast and under more stress than you can handle.
I will be doing this with a [non-frequent] newsletter format (so one can either keep them coming or opt-out!). Working on topics and focus so it’s beyond an ego-list of things I love (like what really has worked for me).
Be Well. Até já.
Seth has written more than 5000 posts ranging from great to… remarkable 🙂
To get a more specific perspective, Rob England said not long ago we wrote more than 1100 posts…
I have now reached my hundredth post.
Humbling.
Life is short. I do what I want: Draw, share, explain for you.
Obrigado.
Thank you.
Gracias.
Merci.
Kiitos Paljon.
Terima Kasih.
Back again.
Topics I find interesting – thus candidates for deeper understanding and writing this year:
I may draw on these topics as I did before mostly with ITIL. Let’s see how it goes this time.
My wishes for you gentle readers: Go for your dreams this year. Remember life is short – the sooner the better. And laugh a lot – oxygen and endorphin for free!
The stats helper monkeys at WordPress.com mulled over how this blog did in 2010, and here’s a high level summary of its overall blog health:
The Blog-Health-o-Meter™ reads Wow.
The Louvre Museum has 8.5 million visitors per year. This blog was viewed about 73,000 times in 2010. If it were an exhibit at The Louvre Museum, it would take 3 days for that many people to see it.
In 2010, there were 35 new posts, growing the total archive of this blog to 73 posts. There were 45 pictures uploaded, taking up a total of 9mb. That’s about 4 pictures per month.
The busiest day of the year was August 23rd with 386 views. The most popular post that day was The RACI Matrix – Who’s Responsible, Accountable, Consulted… and kept Informed.
The top referring sites in 2010 were linkedin.com, informit.com, google.com, google.co.in, and ow.ly.
Some visitors came searching, mostly for raci matrix, itil v3, itil v3 processes, itil raci, and itil processes.
These are the posts and pages that got the most views in 2010.
The RACI Matrix – Who’s Responsible, Accountable, Consulted… and kept Informed April 2007
4 comments
ITIL v3 Processes along the Service Lifecycle Diagram (Français, English, Português) October 2007
5 comments
Service Portfolio and Service Catalogue and… – ITIL v3 July 2007
10 comments
ITIL v3 Overview – Excellent summary. And free… November 2007
5 comments
What’s new on ITIL v3 (from Sharon Taylor Axios whitepaper) – part II May 2007
1 comment
I’m back — boy, do I miss this.
Sorry for Mush and Room book. I promised it for September but didn’t ship.
Babauta, Covey, Godin, Guillebeau, Heinemeier Hansson (and so many more) got it right and shared: Keep it simple, focus – live now. Just do it (Nike got it too).
For more than 20 years I wanted to write and publish a book.
It always depended on me and now it is as easy as it gets – no more excuses.
This September Mush and Room will come out in their original form: Organic, touchable, convenient paper.
Até já,
Rui
Ah! Read their magic books:
Leo Babauta: The power of less
Stephen R. Covey: The 7 Habits of highly effective people
Seth Godin: Linchpin
Chris Guillebeau: A brief guide to world domination
David Heinemeier Hansson (with Jason Fried): Rework
Gary Hardy from ITGI wrote the article “ITGI Enables ISO/IEC 38500:2008 Adoption” (available only to ISACA members) putting the case for using mostly CobiT and ValIT from ITGI portfolio in order to enable IT Governance according to ISO 38500 (it goes through all the six principles and three main tasks described in the standard).
[Found it reading the crystal clear and highly recommended “The journey towards enterprise governance of IT” by Geoff Harmer]