The imposition of GDPR fines is a right of every state in Germany. Thus, Germany differs from most EU member states, where a federal agency supervise data protection. Thus, there is an independent data protection authority in each German state. There are also the Federal Data Protection Supervisor and two legally independent authorities for the… […]
Europe is ahead – USA now wants to take the lead in data protection
51 US companies are calling for a uniform data protection law at the federal level. This emerges from the published letter of the 51 corporations. In addition to network operators, financial institutions and car manufacturers, this letter has also been signed by companies such as Amazon.com, Dell, IBM, Motorola, Qualcomm, Salesforce and SAP. The authors… […]
GDPR and ISO certification
The GDPR explicitly provides the possibility of certification in . Now, the International Organization for Standardization (ISO) has published ISO 27701, a standard for demonstrating compliance with data protection regulations. With ISO 27701, the ISO 27001 policy has now been extended to include privacy considerations. What’s new? ISO now cares for information security and privacy… […]
Facebook – 419 million phone numbers available on the net
A huge database with more than 419 million telephone numbers of Facebook users, linked to the Facebook ID, was available unencrypted on the internet. The Facebook ID can be used to find the Facebook Username. In some cases, the name, gender and nationality of each user were also recorded. This has been revealed by security… […]
Vulnerability in exim mail server
Attackers gain root privileges in the system from the outside. An update helps Exim developers have released a security update that closes a critical hole in the mail server. The gap can be exploited via the Internet and affects all installations up to Exim 4.92.1 offering encryption via TLS. The update should be installed as… […]
Privacy violation
The calls for the principle of “integrity and confidentiality”. Data must be processed in a manner that ensures adequate security. The integrity and confidentiality is not given if unauthorized access to the data happend, the data was used without authorization, the data gpt lost or damaged (unauthorized changes, …). This loss of integrity or confidentiality… […]
What’s behind the “shredder affair” in Austria?
The “Schredder affair” has hit big waves in Austria. What is really behind it and how should companies deal with the problem? When computers or network printers are sold or disposed of, the data on the hard drives must be securely erased. Sensitive data may not be made accessible to unauthorized persons.But why is data… […]
GDPR fines for individuals
GDPR regulates the processing of personal data excluding processing activities by a natural person in the course of a purely personal or household activity. Other processing activities of natural persons are regulated by GDPR and can be fined. But that does not mean that individuals cannot be fined. In Germany, someone paid a fine of… […]
How long does your company survive without your computer network?
Current Cyber Attacks In recent weeks, reports of SMEs that have become victims of Ransomware attacks are piling up. One of the most prominent victims in June was Heise Verlag, the leading specialist publisher of IT topics. The Heise Verlag had a modern firewall and active virus scanners that also sounded the alarm. Nevertheless, the… […]