Archive for May 2016

Your Latest IT Newsletter

Are Microsoft going to repeat their aggressive ‘upgrading’ technique again (even though they u-turned yesterday). Is Google going to start analysing our souls for authentication? Is Big Data just a Big Headache?

Here’s what’s been going on …

Google … Wants to ‘Trust’ You …

Google is currently in a bid to get rid of your (un)trustworthy passwords and replace them with a ‘trust score’. At least, that’s it’s plan … and to have it rolled out on Android phones by next year.

Why Does Google Want To Get Rid Of Your Password?

There are many reasons why traditional passwords can be inappropriate as a means of security protection.
<More>

‘Nasty Trick’ … Used By Microsoft. Never!

Never a stranger to controversy, Microsoft has been in the spotlight again recently – in yet another storm about Windows 10.

The ‘nagging’ that many Windows users will currently be receiving is more persistent than ever at the moment. Not only that but the ‘sneaky trick’ that some IT people feel is underhand has to do with trying to close the ‘nagging’ pop-up box.

Usually, clicking the cross on the top right hand side of a pop-up screen is to close the pop-up. However, Microsoft now accepts this as tacit agreement to upgrade to Windows 10, rather than rejecting it.
<More>

Businesses Want Big Data Benefits … But Don’t Know How To Get Them

A recent survey by DNVGL reveals that more companies than ever (around three quarters) are investing in Big Data, yet less than a quarter of companies admitting to having a proper strategy. (Note that the figures are taken from their own recipients)

So, further to our recent article about ‘data-exhaust’, let’s look at why this could be significant for your business…
<More>

Businesses Want Big Data Benefits … But Don’t Know How To Get Them.

A recent survey by DNVGL (ref. https://www.dnvgl.com/Images/ViewPointReport_BigData2016_lowresRetEx-R_tcm8-61203.pdf) reveals that more companies than ever (around three quarters) are investing in Big Data, yet less than a quarter of companies admitting to having a proper strategy.
(Note that the figures are taken from their own recipients)
So, further to our recent article about ‘data-exhaust’, let’s look at why this could be significant for your business…
What is ‘Big Data’?
At it’s heart, ‘Big Data’ is all about empowering your company to make better, more accurate and faster choices about how best to run your sales, marketing and operations.

From a sales point of view, it can be harnessed to get that bit closer to your customers
A Sales Example … Caesars.
This well know gaming company has employed data analytics for a long time already and is now stepping into the future with big data analytics for better, faster decisions.
Historically, they’ve always had data about their client’s habits from their website click-paths, loyalty programmes and real-world slot machines.
However, until now they’ve had trouble in integrating all this information in real-time to gain better insights.
By using Big data thinking (integrating and analysing multiple data streams in real-time) they discovered when :

1) Someone was a new customer to its loyalty programme …
2) Had a poor run of luck in the slot machines …
3) They’ll likely never return.
By being able to test and analyse in real time, they discovered that :
1) If that new client is presented with a free meal coupon …
2) Whilst still at the slot machine …
3) They’ll be much more likely to return to the casino … to spend more money.
The key thing they discovered was in the timing that the coupon offer was made : it was critical to be offered not too soon and not too late.
Signal and Noise
The trouble is that (as the findings from the survey bear witness) most companies have little understanding of big data and as a result, the “signal gets lost among the noise”.
This is hardly surprising, when you consider the global quantity of information is apparently increasing at around 2,500,000,000,000,000,000 bytes per day. Actually – that figure was taking all the way back from a year ago around April 2015 … so it’ll be more now.
What This Means For Your Business
Clearly, we don’t need more data, just more people trained in how to process it.

Like security, Big Data analytics is only going to become more relevant and important and the tools that are emerging to help savvy business owners get ahead should at the very least be investigated.
Big data should be considered for incorporation within the company’s training manifesto, to at least appreciate the opportunities available.
One might consider the mantra … “Ignorance isn’t bliss, it’s just ignorance.”

‘Nasty Trick’ … Used By Microsoft? Never!

Never a stranger to controversy, Microsoft has been in the spotlight again recently – in yet another storm about Windows 10.
The ‘nagging’ that many Windows users will be receiving is more persistent than ever at the moment. Not only that but the ‘sneaky trick’ that some IT people feel is underhand has to do with trying to close the ‘nagging’ pop-up box.
Usually, clicking the cross on the top right hand side of a pop-up screen is to close the pop-up. However, Microsoft now accepts this as tacit agreement to upgrade to Windows 10, rather than rejecting it.
In a bid to stem the resentment this confusing new policy has caused, Microsoft has said that you can still cancel the upgrade at the point that Windows 10 is due to to be installed.
Why Has Microsoft Changed Its Policy Now?
The update has been classified as “recommended” and with interest in IT security at an all time high with business owners and general pubic alike, a significant proportion of Windows users have their settings configured to automatically accept “recommended” updates.
In short, closing the pop-up box does not cancel your automatic upgrade to Windows 10.
Some notable people in the IT industry have considered this move to be a “nasty trick”, including Brad Chacos of PC World, who went on to say “Deploying these dirty tricks only frustrates long-time Windows users who have very valid reasons to stick with operating systems they already know and love”.
Microsoft have defended their position by saying :”With the free Windows 10 upgrade offer ending on 29 July, we want to help people upgrade to the best version of Windows.

As we shared in October, Windows 10 will be offered as a ‘recommended’ update for Windows 7 and 8.1 customers whose Windows Update settings are configured to accept ‘recommended’ updates.
Customers can choose to accept or decline the Windows 10 upgrade.”
Stop-Press.
At the time of writing, Microsoft has just u-turned it’s policy here.
Due to the negative feedback and publicity, Microsoft just announced it would add another notification that provided customers with “an additional opportunity for cancelling the upgrade”.
What This Means For Your Business
It is entirely likely that having Windows 10 software automatically installed on your company’s PCs is a good thing and could even save you money in the medium and long term.
However, in any event, it would be sensible to ascertain in advance how the upgrade will impact any systems and software you specifically may be running. Indeed any older, legacy software could possibly stop working properly if there are compatibility issues so obviously it’s best to check in advance.
It will be interesting to see how aggressively Microsoft insists your company upgrades in the future … and how this could affect your licencing with other software vendors you rely on.

Google … Wants to “Trust” You.

Google is currently in a bid to get rid of your (un)trustworthy passwords and replace them with a ‘trust score’. At least, that’s it’s plan … and to have it rolled out on Android phones by next year.
Why Does Google Want To Get Rid Of Your Password?
There are many reasons why traditional passwords can be inappropriate as a means of security protection.

For starters, many people have passwords that are easy to guess (crack) based on personal information or common words. Other people invariably forget their passwords … causing them to write them down or leave them stored inappropriately, in spite of the obvious risks.

The arrival of quantum computing may even render passwords obsolete altogether.
How Does The New System Work?
It’s based on a system called “trust scores” and uses combinations of inputs (voice, keyboard etc) to ensure that you are who you say you are, via a “Trust API” to be employed on mobile phones using the Android operating system.
We all have unique signatures in the ways that our phones are accessed and so this system can use a variety of checks to build your trust score.
Facial recognition, location, voice recognition, typing speed etc are a few of the more obvious choices.
It’s Not Just a Yes or No
Different services can require different levels of security and so something (seemingly) trivial like access to playing games might require a low trust score whereas a banking app would require much higher levels of ‘trust’.
Daniel Kaufman at Google’s I/O conference said “We have a phone, and these phones have all these sensors in them. Why couldn’t it just know who I was, so I don’t need a password? It should just be able to work.”
Daniel is in charge of Google’s Advanced Technology and Projects Group (ATAP), itself responsible for experiments within Google.
Here is a Youtube link of him speaking at the event : https://www.youtube.com/watch?v=8LO59eN9om4 which makes for compelling viewing.
A Definite Trend
There are many examples (several of which we have cited recently) where other companies are promoting other ways to access their services and data, without passwords.
Last year in April, Elon Musk’s old stomping ground – PayPal –  suggested biometric possibilities such as signature ‘tattoo technology’ embedded under your skin or passwords you could “swallow”.
Talk-Talk (itself a recent victim of a high profile security breach) has abandoned passwords for voice recognition.
Retina scans and finger print recognition may almost seem old news by comparison.
When Will This Be Rolled Out?
Google has determined that it will start testing the Trust API within a few weeks with large financial institutions. It said it hoped to have it available for all android phones – and thus kill the password – by the end of the year.
What Does This Mean For Your Business?
A lost/stolen/compromised mobile phone is a vulnerable point of potential attack that many businesses don’t consider properly when thinking about their overall security.
IT security is ever increasingly becoming a major factor in every day business operations, right up there with administration or production. Anything that can make our data more secure has to be a good thing although of course there is yet to be established the legal ramifications of due diligence and responsibility if/when systems are compromised using this new technology
Whilst this move is aimed at mobile phones due to their very nature of having more sensory inputs than (say) a laptop, it could potentially be migrated to other devices as well, should it prove successful.

Your Latest IT Newsletter

A Crash Course in Data Exhaust

Just as in our offline ‘real’ life we generate by-products of everyday living in the ‘real’ world such as the waste products, gasses and smoke from our homes, workplaces, and vehicles, we also generate by-products in our online life. These things may be the files generated by web browsers and their plug-ins like cookies, log files, temporary internet files and flash cookies. These things all hang around on our computers and other IoT (Internet of ‘Things’) devices.

Other information or digital by-products in the workplace can be secondary, non-critical information that is related to our products and services, and these too are stored on our servers, databases, and computers.

If you haven’t heard the term in the decade that it’s been around, these digital by-product things have been dubbed ‘data exhaust.

<More>

Microsoft Gets Serious About Windows 10 Upgrade

Up until now, upgrading to Windows 10 from Windows 7 and 8.1 has been a decision that many users have been pondering, avoiding, or ignoring in favour of simply getting on with other things.

As far as Microsoft is concerned it looks as though it’s time to speed things along by switching the upgrade to ‘Recommended’, and by choosing to interpret the losing / rejection of the notification as an approval to upgrade.

<More>

Is France About To Ban Out of Hours Work Emails?

A recent BBC story highlighted the plans by France’s Francois Hollande’s Socialist Party to vote for a Labour Law clause that could mean that when employees of companies with over 50 people are out of work hours they will have the right to completely disconnect from all work communications.

If the measure goes through it will reportedly mean that the companies affected will each need to draw up and adhere to a Charter that states after which hours staff should not send or be expected to respond to work emails.

<More>

Get Up To Speed With the Facts About GDPR

With data breaches and their consequences in the news on a seemingly weekly basis these days the whole subject of data protection has been given a much higher priority by UK businesses.

Regardless of the outcome of the referendum about whether to remain in the EU, by 2018 new data protection regulations will come into force for the UK, and for all companies worldwide that process the data of EU citizens. What else do you need to know about the long awaited The General Data Protection Regulation (GDPR)?

<More>

Weekly Tech Tip

We’re not suggesting that you fill up your email account with large and important business files, but on the occasions where you need to save something and take it away but you don’t have e.g. a memory stick, you could email the information / files (as attachments) to yourself.

<More>

Technical Tip – Using Email as Storage

We’re not suggesting that you fill up your email account with large and important business files, but on the occasions where you need to save something and take it away but you don’t have e.g. a memory stick, you could email the information / files (as attachments) to yourself.

If you have a web based email account for example you can send and receive emails anywhere that you have access to an internet connection. Your email account can therefore act as your own online storage area.

Examples of popular web based email accounts with plenty of space are www.hotmail.com and www.googlemail.com.

Get Up To Speed With the Facts About GDPR

With data breaches and their consequences in the news on a seemingly weekly basis these days the whole subject of data protection has been given a much higher priority by UK businesses.

Regardless of the outcome of the referendum about whether to remain in the EU, by 2018 new data protection regulations will come into force for the UK, and for all companies worldwide that process the data of EU citizens. What else do you need to know about the long awaited The General Data Protection Regulation (GDPR)?

Here are some key points to remember…

More Things Count As Personal Data

GDPR will cover a much wider area in terms of what counts as personal data.

Under these new regulations, any data that could identify an individual such as genetic, mental, cultural, economic or social information will count as personal data.

Obtaining Valid Consent For Information Use Could Be A Challenge

Under the new regulations your organisation MUST be able to PROVE clear and affirmative consent to process personal data. This means that your organisation must remember to explain clearly, and exactly what personal data they are collecting and how it will be processed and used. Your organisation will therefore need to make sure that this step is built into every occurrence of personal data collection without fail and that the proof is stored and can be accessed quickly if necessary.

Many Organisations Must Appoint a Data Protection Officer (DPO)

If you are a public authority processing personal information or if your main activity involves the regular and systematic monitoring of data subjects on a large scale, or if your main work involves the processing on a large scale of special categories of data you will need to appoint a DPO.

This person will of course need to be very familiar with all aspects compliance with existing UK and the new EU regulations. This could therefore have an impact on staffing and resources (for training).

Privacy Impact Assessments (PIAs) Are Mandatory

Under the GDPR Data Controllers must conduct PIAs where privacy breach risks are high so that the risks to data subjects are minimised. This means that to minimise risks to data, subjects PIAs will be needed.

There Will Be a Common Data Breach Notification Requirement of 72 hours

Your organisation will need to have the capability and systems in place to enable it to monitor for, identify and notify the ICO of a data breach within 72 hours of discovering it.

All Data Subjects Will Have ‘The Right To Be Forgotten”

Your organisation must not hold data about a person for longer than is necessary, must not change the use of the data from the purpose for which it was originally collected (when consent was given for that specific purpose), and must delete any data about a subject at the request of that data subject. This gives subjects the right to opt out completely i.e. ‘the right to be forgotten’.

Liability Goes Beyond Data Controllers

Under GDPR it won’t just be the DC who is held liable for data processing issues.

Liability and responsibility will extend to all organisations that touch personal data.

Privacy Must Be Designed and Built-In To The System

Your software, your systems and processes must be designed around compliance with the principles of data protection every step of the way.

The Regulations Apply Wherever You Are In The World

Under GDPR, any European data protection authority is able to take action against organisations regardless of which country they are based in.

What Does This Mean For Your Business?

GDPR will mean that companies like yours will need to take a fresh look at how they deal with personal data.

Hardly any data will not fall under GDPR which means you will need to take GDPR seriously and become very familiar with it and its implications. GDPR will mean for example that:

  • Your company will need to be clear about getting consent to use a person’s data for just the specified purpose and not regard silence or inactivity as consent.
  • You may need to prepare to select a DPO for appointment, and your company may require a lot of training so that everyone understands basic compliance. This could mean that the kind of human error that could cause a data breach is minimised.
  • Your data security policies may need to be changed and the changes promoted across the company. You will also have to develop highly effective systems for monitoring for any data breaches. There will also be the need to design compliance into all data handling and processing systems, and could mean starting the analysis and thought process now to ensure that you are ready for 2018.
  • You will have to develop effective systems that ensure fresh consent is gained before you alter the way you use data, and that all data on a subject can be easily and quickly deleted on request.
  • If your company provides data processing services for anyone else’s personal data you will need to consider your liability and be compliant with the new EU regulations.
  • Only having to deal with one supervisory authority rather than a different one for each EU state should simplify things for businesses like yours, although EU citizens will still be able to register any complaints to the data protection authority of their choice.

Is France About To Ban Out of Hours Work Emails?

A recent BBC  story highlighted the plans by France’s Francois Hollande’s Socialist Party to vote for a Labour Law clause that could mean that when employees of companies with over 50 people are out of work hours they will have the right to completely disconnect from all work communications.

If the measure goes through it will reportedly mean that the companies affected will each need to draw up and adhere to a Charter that states after which hours staff should not send or be expected to respond to work emails.

The Stress of Being Constantly Connected

In the UK one of the things that we traditionally envy about the French is their quality of life and the way that that they appear to really value and protect their work / life balance.

In the 90’s for example the 35-hour working week was introduced (but is now facing reform) and we are often reminded by the media of the two-hour lunches and early departures for weekend breaks that some French workers enjoy.

It is no surprise therefore that the reason behind the proposed measure to allow ‘disconnection’ outside of work hours is the acceptance among many in the French government that having to answer work emails at home is stressful, intrusive, damaging to relationships and potentially damaging to a person’s health and wellbeing.

Driven By The Digital Revolution

The digital revolution has meant that peoples’ personal lives around the world have been increasingly encroached upon by their work lives, and in France there is now a feeling that legislative intervention could offer some necessary protection.

Labour Law

The proposed disconnection clause is the one part that has reached consensus of a contentious new French labour law named after Labour Minister Maryam El Khomri.

2 Types of Time

The BBC article about the new measure highlighted how the French recognise two clearly different categories of time as defined by the Greeks. Chronos is the regular divisible time whereas Keiros is the kind of kind of productive and creative thinking time that employers will need to protect if the measure goes through.

Not All Agree

There are of course many arguments against the introduction of the measure. Some companies for example operate in markets around the world in many different time zones, and working at night in these markets is necessary in order to compete. In other jobs such as sales, leads arrive and buyers make their vital purchase decisions for example at unpredictable times, so here too a strict adherence to the measure may not be helpful.

What Does This Mean To Your Business?

To French businesses, if this becomes part of law it will mean some big changes to how communications are managed within many companies.

It could be argued that what may be lost in opportunities or competitiveness as a result of adherence to the clause could be made up for by e.g. a happier more creative workforce with less absenteeism, and of course a better home life.

In the UK, businesses could choose to take a leaf out of the book of our French neighbours by voluntarily taking measures to show that they value and respect workers and their wellbeing. This could be achieved in big ways such as drawing up their own company disconnect charter or in small ways such as a “no email Friday” where employees are encouraged to give themselves a break by minimising digital messaging on an allotted day.

There is also an argument that smarter working practices could minimise the need for out-of-hours intrusions and that education and the subject in your workplace could in itself help to cut down on unnecessary out-of-hours work intrusions, and reduce the stress associated with them or worrying about them.

Offering stress busting measures and activities within the company and by regularly communicating with staff and listening to their concerns could also help.

Microsoft Gets Serious About Windows 10 Upgrade

Up until now, upgrading to Windows 10 from Windows 7 and 8.1 has been a decision that many users have been pondering, avoiding, or ignoring in favour of simply getting on with other things.

As far as Microsoft is concerned it looks as though it’s time to speed things along by switching the upgrade to ‘Recommended’, and by choosing to interpret the losing / rejection of the notification as an approval to upgrade.

Phased Push

Although the big push now appears to be on, IT media commentators such as Computer Weekly noted in a recent article that the shift from remind to ‘recommend’ did in fact start back in February, but that the recommending has been rolled out in a phased way over what has turned out to be nearly 3 months.

What Does ‘Recommend’ Mean?

In terms of Windows Update language, ‘Recommended’ means that (where users haven’t altered the default behaviour) there is an automatic download and install onto their PC with no human assistance needed.

Clicking the X Can Now Equate to Tacit Approval

Most of us are used to the idea that we are able to dismiss a notification by clicking on the ‘X’ in the top corner of a notification box and that the X is an alternative to clicking on the acceptance of what we are being notified of. In the case of the Windows 10 Upgrade however, for Windows 7 & 8.1 customers whose Windows Update settings are configured to accept ‘Recommended’ updates, choices may now be thin on the ground.

The stage has now been reached whereby Google has revised the Get Windows 10 (GSX) app support document, and just as clicking on OK in the notification means that the upgrade and its scheduled implementation is approved, clicking on the ‘X’ also appears to indicate tacit approval.

Big Download

The size of the automatic Windows 10 download is reported to several gigabytes, which if you didn’t really want it anyway could mean that you could find that your data connection and your available space are squeezed.

Offer Ends July 29th

The free Windows 10 upgrade offer ends on July 29th. Reports indicate that Microsoft are likely to start removing the “Get Windows 10” from that date, but it is not known whether the it will alter the ‘Recommended’ status of the update.

What Does This Mean For Your Business?

If you’re still running older versions of Windows such as 7 & 8.1 it appears as though you will need to very soon make a decision about upgrading to Windows 10, and be very careful about how you respond to any notifications that you receive to prompt you to upgrade. Now may be the time to seek professional advice on the subject.

It is also worth seeking information about the many benefits and positive aspects of Windows 10 rather than simply focusing on the potential risks.

A Crash Course in Data Exhaust

Just as in our offline ‘real’ life we generate by-products of everyday living in the ‘real’ world such as the waste products, gasses and smoke from our homes, workplaces, and vehicles, we also generate by-products in our online life.

These things may be the files generated by web browsers and their plug-ins like cookies, log files, temporary internet files and flash cookies. These things all hang around on our computers and other IoT (Internet of ‘Things’) devices. Other information or digital by-products in the workplace can be secondary, non-critical information that is related to our products and services, and these too are stored on our servers, databases, and computers.

If you haven’t heard the term in the decade that it’s been around, these digital by-product things have been dubbed ‘data exhaust’.

How Big?

A recent Computer Weekly Article tried to describe some of the key facts about ‘data exhaust’ to us, one of which was the size / scale of it. It used the example of Google which collects all the data it can without yet having a primary use for it.

Data exhaust is therefore bigger than what’s become known as ‘Big Data’ i.e. it’s too big to work with it record by record.

Some of It Could Be Useful

Some of the secondary data that is collected about products and services e.g. statistics could be used to help in marketing of those products and services. Data exhaust can therefore be very useful and could be used in future to add value to your products and services.

Some of It May Never Be Useful

There is a balance to be struck between keeping potentially transformative exhaust and simply building up a vast amount of useless data into a ‘data swamp’.

Customers May Not Like You Using It

Just because you have stored a great deal of data about your customers or subscribers and their online behaviour, it doesn’t mean that it is appropriate or wise to use it all. Using certain types of data could result in negative PR and could negatively affect your marketing and customer relations.

What Does This Mean For Your Company?

Rather than just collecting everything, your company should make decisions along the way about what data is most likely to be useful, and what data is simply clutter. This could involve consulting with the employees closest to the core business and most in touch with the data as this could help you decide what can and should be thrown away.

Companies may also want to take legal advice about what data can be used and in what way.

Building up a store of data will also require scalable storage.

There is also the need to make sure that all of the data you collect is secure and protected from potentially costly data breaches.