Monday, December 30, 2019

Intellectual Capitalism is moving... and expanding

Intellectual Capitalism is a repository for all things that embody the interests and spirit of Bluedog. We believe an intellectual capitalist pursues freedom of choice -- and what counts is freedom in the marketplace, in the home, in one's thoughts.

In 2020, Intellectual Capitalism will evolve as the repository of information for those who intersect with the interests of Bluedog -- consultants and entrepreneurs, those who serve in the government marketing arena, and anyone with an interest in managing and orchestrating your organization's communications.

This means Intellect Capitalism will continue to be a place for anyone who have an interest in the craft of corporate communications, the application of technology, and the fun of business.

www.intellectualcapitalism.com


Friday, December 6, 2019

What Are the Biggest Cyber Risks in the Upcoming Year?

What are the expected trends in cyber security in the upcoming year? According to a report from Trend Micro--

  • Third-party libraries, container components and even remote workers represent a major supply chain risk to organizations as they head into a new decade.
  • Continued user misconfigurations will exacerbate cloud security challenges, while developers’ reliance on third-party code could expose countless organizations, it continued.
  • Shared container components containing vulnerabilities as exposing organizations to attacks across the IT stack.
  • Supply chain risk will extend to managed service providers (MSPs), especially those with multiple SMB customers.
  • Home and remote working environments are potential hotspots for supply chain attacks -- everything from weak Wi-Fi security in public workspaces to smart home challenges posed by unsecured smart TVs, speakers and digital assistants.

The security firm's 2020 predictions report, The New Norm, emphasizes the cloud as a likely attack objective, as near-do-wells  focus efforts on code injection attacks to obtain sensitive information — either directly or via third-party incursions.

Monday, December 2, 2019

Small Business GDPR Requirements Differ from Large Business

Are small businesses required to keep the same records of compliance as large businesses?
Although Article 30 of the GDPR states that companies must “maintain a record” of their processing activities, the provision contains an exemption for small businesses. Specifically, it states that if a company employs “fewer than 250 persons,” it is generally not required to maintain a record of its processing activities. The exception does not apply, however, if one of three conditions is present:
  • The small business carries out processing that “is likely to result in a risk to the rights and freedoms of data subjects,”
  • The small business carries out processing that “is not occasional,” or
  • The small business carries out processing that “includes special categories of data” or that involves “data relating to criminal convictions and offense.”
The small-business exception been interpreted very narrowly by the Article 29 Working Party. A small business of course maintains personal data concerning its employees. As that data is maintained throughout the employment relationship (and typically beyond) it is subject to systematic and periodic processing (e.g., to run payroll, collect and pay taxes on behalf of employees, evaluate performance, etc.). The Article 29 Working Party assumes that such processing cannot be characterized as “not occasional.” In order for processing to be considered “occasional,” it cannot be “carried out regularly” and it cannot be carried out within “the regular course of business or activity” of the company.  In such jurisdictions that so permit, employers often collect “data relating to criminal convictions” prior to offering an individual employment and periodically throughout the employment relationship. It is also common for an employer to hold some information about employees’ health. As a result, even if a company has fewer than 250 employees, it may still be subject to the same record keeping requirements as larger companies with respect to its human resource related data. 

Read more here...