DPIA for Microsoft Services

There is a part of Microsoft you must be familiar with if you are working in the privacy field.

https://docs.microsoft.com/en-us/compliance/regulatory/gdpr

The General Data Protection Regulation (GDPR) introduced new rules for organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data for EU residents no matter where you or your enterprise are located. This area of the Microsoft site helps you understand the different obligations you need to be aware of.

One of the things I find most lacking in organisations I cosult for is a total lack of Data Protection Impact Assessments. There is nothing inherent in Microsoft Office 365 that would necessarily require the creation of a DPIA by a data controller using it...

Read More

Pen Testing Microsoft Services

Two critical links to get you started in understanding the penetration testing opportunity for Microsoft services.

The first describes the unified rules (“Rules of Engagement”) for customers wishing to perform penetration tests against their Microsoft Cloud (defined below) components. What you can do, and how to start.

https://www.microsoft.com/en-us/msrc/pentest-rules-of-engagement?fbclid=IwAR3P33Gf76GAhD6cdGsJjZHptLvdLIybAVak-INkPZFXPdY6J2NSb2cm4Zs

The second link is part of Office 365 Threat Intelligence services and describes the Attack Simulator which can be used to run realistic attack scenarios in your organization. This can help you identify and find vulnerable users before a real attack impacts your bottom line.

https://docs.microsoft...

Read More

Brilliant free tech session coming up in Newcastle on Jan 16th:

Azure DevTest Labs

Azure DevTest Labs is a service that helps you quickly create environments in Azure while minimizing waste and controlling cost. You can test the latest version of your application by quickly provisioning environments using reusable templates and artifacts, easily integrate it with your deployment pipeline, or create pre-provisioned environments for training and demos.

In this talk, Darren will cover his team’s implementation of Azure Dev Test Labs, some of the good, the bad and the ugly of the solution and some really nice features that can save both Devs and QAs time.

Speaker: Darren Tingle

A Senior QA Engineer at Sage, have tried my hand at Dev, DevOps and Support in previous guises...

Read More

The Deck for (GDPR) SERVICE DEVELOPMENT WITH DATA PROTECTION BY DESIGN AND BY DEFAULT

Here is the PDF for the (GDPR) SERVICE DEVELOPMENT WITH DATA PROTECTION BY DESIGN AND BY DEFAULT dual session.

Hope you enjoyed the sessions (as information heavy as they are).

Privacy by Design – handout

 

Read More

GDPR – Considering Compliance in Office 365 and Azure

I’m speaking at Strelley Hall in Nottingham on what should be a great evening of tech feasting.  21/09/2017 from 6:30 pm – 10:30 pm.

GDPR – Considering Compliance in Office 365 and Azure

This session provides a top down view of the Office 365 Compliance Center, A business and operations focused session describing why we need to understand the key aspects of this service around archiving and retention, e-discovery, advanced e-discovery and audit. The session considers not only the features in Office 365 and Azure, but the issue of legality, EU Compliance and the EU-US Privacy Shield, data sovereignty and the possible impact of Brexit on service owners...

Read More

Have you booked for ESPC yet?

I will be speaking at Europe’s Largest SharePoint, Office 365 and Azure Conference and it is approaching fast. Here’s a few handy tips on how to make the most of your time at the conference.

  1. Find out who’s going
    Check out Twitter #ESPC17 to find out who’s going or visit the ESPC17 delegates page. If you would like to be added to this page, email your image and details to sarah@sharepointeurope.com There’s no better time to network with your peers, connect with new prospects, or touch base with customers than ESPC17. Don’t bank on running into them at the conference, reach out to them before and arrange a meeting.
  2. Plan Ahead
    Take a look at the conference schedule and decide the sessions and tutorials you would like to attend...
Read More

SUGUK Cambridge 23rd November

I’m speaking at the SharePoint User Group in Cambridge on the 23th November.

There will be two session, to be confirmed but my own will be on Compliance in Office 365 and Azure .

This session provides a top down view of the Office 365 Compliance Center. A business and operations focused session describing why we need to understand the key aspects of this service around archiving and retention, e-discovery, advanced e-discovery and audit.

The session considers not only the features in Office 365, but the issue of legality, EU Compliance and the EU-US Privacy Shield, data sovereignty and the possible impact of Brexit on service owners...

Read More

SUGUK London – November 24th

I’m speaking at the SharePoint User Group in London on the 24th November at the new Microsoft Offices in Paddington.

There will be two session, to be confirmed but my own will be on Compliance in Office 365 and Azure.

The session provides a top down view of the Office 365 Compliance Center. A business and operations focused session describing why we need to understand the key aspects of this service around archiving and retention, e-discovery, advanced e-discovery and audit.

The session considers not only the features in Office 365, but the issue of legality, EU Compliance and the EU-US Privacy Shield, data sovereignty and the possible impact of Brexit on service owners...

Read More

Anywhere, always-on mobile productivity

If your not bought into the value of Cloud services just yet, a significant underpinning benefit of a comprehensive Cloud strategy is the ability for a more mobile workforce, with tooling accessible from anywhere on any device.

Of course this does require a step change in how apps are produced, and business such as banks or other highly regulated industries looking to move to a more cloud world have the challenge of App refactoring so their apps work in the cloud, coupled with a raft of new concerns around security and compliance.

Familiar tools like Outlook, Word, Excel, Skype for Business, and Office 365 stay with employees throughout the day...

Read More

The miracle of the five loaves and two fish

Well, who’d have thought things would be so quickly heading into the world of AI!  Twitter’s acquisition of Magic Pony in 2015 was just the beginning of Silicon Valley’s hunger to buy anything in the machine learning space.  More fish and loaves are needed, as we have a disturbing famine of Computer Scientists, especially with knowledge of the ML and the AI space.

Microsoft are moving around some 5,000 computer scientists and engineers to focus on the company’s AI product efforts. This will accelerate the delivery of new capabilities to customers across agents, apps, services and infrastructure.  This will be their new direction, and new faith.  We just need to keep down the costs of feeding and watering them!

Its a cool move and if they get it right they will build the most powerfu...

Read More