Data protection regulations and compliance

ICO to cut back on fines for public sector data breaches

Information commissioner John Edwards sets out a revised approach to how the ICO handles data breaches in the public sector, saying fining victims risks punishing the public twice over Continue Reading

Backup maintenance: Five key points to consider

Effective backups need to ensure all data is protected, and to track media and software changes. We look at five key things to consider Continue Reading

Veritas aims at autonomous backup discovery and provisioning

Veritas bets on a backup platform that can discover all enterprise data – on-premise and in the cloud – and make its own decisions about the optimal place to store copies Continue Reading

What will the Data Reform Bill mean for UK businesses operating in the EU?

Following the government’s response to the Data Reform Bill consultation, Peter Galdies of DQM GRC looks at what might lie ahead for UK organisations working in the European Union Continue Reading

Government responds to Data Reform Bill consultation

Westminster claims its new data laws will boost British benefits, protect consumers, and seize the ‘benefits’ of Brexit Continue Reading

Podcast: SaaS data protection vulnerability and how to manage it

We talk to backup and data management supplier Cohesity about the added vulnerabilities of software-as-a-service data in a hybrid cloud environment and how best to manage multiple data sources Continue Reading

Health data strategy to exorcise ghosts of GPDPR

Government publishes a revised data in health strategy, with an emphasis firmly on preserving the integrity and privacy of patients’ confidential information Continue Reading

Cloud-to-cloud backup: When native cloud protection is not enough

There is a certain amount of protection built into cloud services, but it has its limits and full data protection requires that cloud data is secured with cloud-to-cloud backup Continue Reading

Kubernetes backup products and 10 key players

We look at 10 key players in Kubernetes backup, why they are needed, what they offer and why you need to watch out for duplication between application teams and the IT department Continue Reading

APAC buyer’s guide to backup and recovery software

In this buyer’s guide, learn more about the market for backup and recovery software and key data protection capabilities to look for Continue Reading

Rubrik charts data security path

Backup and recovery software provider Rubrik now sees itself as a cyber security company that helps organisations recover from ransomware and other data security threats Continue Reading

CW APAC: Trend Watch: Datacentres

Firms should keep their data storage setups under frequent review to ensure their goals are being met effectively. In this handbook, focused on datacentres in the Asia-Pacific region, Computer Weekly looks at the shift towards colocation facilities, the projected change in spending patterns, nuclear power’s potential to reduce carbon emissions and the importance of infrastructure as code in edge datacentres Continue Reading

Europol gears up to collect big data on European citizens after MEPs vote to expand policing power

The European Parliament has voted to expand Europol’s role, legalising its processing of bulk datasets containing personal information and endorsing research into predictive policing technologies Continue Reading

Pro-competition data sharing will not include users’ personal info, says minister

UK government proposals to improve competition in digital markets by making tech giants share data with smaller firms will not include consumers’ personal information, says digital minister Continue Reading

GPDPR data scrape a ‘mistake’, says leading scientist

Giving evidence to the Science and Technology Committee, academic, physician and science writer Ben Goldacre has expressed serious misgivings about the on-hold GPDPR NHS data scrape Continue Reading

The limits and risks of backup as ransomware protection

Backups can provide a sound means of recovery from ransomware infection, but they are not 100% certain to foil attackers. We look at the limits and risks of depending on backups Continue Reading

‘Spy cops’ inquiry delves into police relationship with MI5

There was ‘no filter’ on the information that undercover police officers were collecting on activists throughout the 1970s, despite senior managers and officials involved in directing the surveillance questioning the appropriateness of the information gathering and sharing Continue Reading

Disaster recovery is an essential service for EDF with Phenix-IT

EDF has built disaster recovery tracking, planning and testing software on a six-month upgrade cycle based on governance, risk and compliance functionality in Mega’s Hopex platform Continue Reading

Podcast: War, geo-political risk, data storage and compliance

We talk to Mathieu Gorge, CEO of Vigitrust, about impacts on compliance and data storage from instability in geo-political events, such as the Russian invasion of Ukraine Continue Reading

Russia-supporting cyber crime gang claims Coca-Cola as victim

Stormous cyber crime collective claims to have stolen 161GB of data from Coca-Cola, and says it plans to sell it off Continue Reading

Ransomware victims paying out when they don’t need to

Sophos’s annual State of Ransomware report shows dramatic increases in the impact of ransomware attacks, but also finds many organisations are paying ransoms when they don’t need to Continue Reading

Snapshots vs backup: Use both for optimum RPOs

We look at snapshots and backup, the key difference, their pros and cons and how best to use the two approaches in an integrated data protection strategy for optimal RPO Continue Reading

How Veeam helped grocery chain Franprix escape its backup hell

French supermarket chain had backup windows that ran well into the next working day and restoring deleted files could take days. It chose Veeam in a contest with Cohesity Continue Reading

Hammers sign Acronis as backup and security in one

West Ham United set to replace separate backup from Veeam and a variety of security products with Acronis Cyber Protect to have backup, data protection and file share on a single platform Continue Reading

Snapshots best practice: Five key things you need to know

We look at snapshots best practice, including the way they work, why they are not the same as backups, how to avoid heavy processing overheads and key user permissions tweaks Continue Reading

Call center compliance checklist for hybrid workforces

As many call centers embraced remote work amid the COVID-19 pandemic, compliance became difficult to monitor. A checklist can help call center managers maintain proper compliance. Continue Reading

Backup types explained: Full, incremental, differential, synthetic

We look at backup – on-prem and cloud – and the key variants available, from full backup to synthetic full, via incremental, differential, incremental forever and reverse incremental Continue Reading

Ten years of the Raspberry Pi

In this week’s Computer Weekly, as the Raspberry Pi reaches its 10th anniversary, we look back on how the low-cost computing device went from schools to supercomputers and even into space. Gartner offers tips on how to motivate IT staff in a hybrid working environment. And we meet the Dutch hackers helping to secure the internet. Read the issue now. Continue Reading

Backup: N-able emerges from white box to aim at enterprise customers

It spent years integrated with Solarwinds and as a re-sold product, but now it plans to target enterprise customers with a backup product that aims at granular file protection and restore Continue Reading

Biden issues warning about Russian cyber attacks

President Biden has said that US companies running critical infrastructure should immediately harden their defences in anticipation of potential cyber attacks from Russia Continue Reading

How 2022’s most significant data privacy trends affect your organisation

Data privacy and protection are now core responsibilities for most, but as we all know by now, compliance is a moving target. Here, expert Alan Calder looks ahead at what to expect in the coming months Continue Reading

Cloud-era disaster recovery planning: Maintenance and continuous improvement

In the final article in this four-part guide to disaster recovery planning, we look at how and when to update, maintain, audit, review and continually improve the DR plan Continue Reading

Cloud-era disaster recovery planning: Assessing risk and business impact

In the first in a series on cloud-era disaster recovery, we provide a step-by-step guide to building firm foundations for the disaster recovery plan, with risk assessment and business impact analysis Continue Reading

Direct action is a risky business for Ukraine's volunteer hackers

Hackers have been responding to Ukraine’s call to create an IT army, but there are many reasons why taking direct action in a kinetic conflict is a bad idea Continue Reading

Define RPO and RTO tiers for storage and data protection strategy

We look at RPO and RTO in defining data protection and disaster recovery strategies and how to specify tiers that reflect the importance of different systems in your organisation Continue Reading

Backup heads to cloud as ransomware hits 76% and RTOs/RPOs fail

Veeam survey finds most can’t recover the data they want or do it in time, ransomware is now a ‘disaster’, use of the cloud is increasing, but the datacentre is still very important Continue Reading

Retrospect Backup refines anomaly detection in ransomware battle

StorCentric backup software brand allows customer fine-tuning of anomaly detection in struggle against ransomware, and adds immutable copies via object locking in Azure Continue Reading

Botched third-party configuration exposes Internet Society data to web

Personal data on members of The Internet Society was exposed after a supplier failed to secure its Azure storage Continue Reading

Porn sites will be legally required to verify users’ ages

Porn sites could be legally obliged to verify that their users are 18 or over under proposed online safety rules, in UK government’s second attempt to prevent children from accessing pornography online Continue Reading

Cloud-era disaster recovery planning: Staff training, incident and media management

In the third in a series on cloud-era disaster recovery, we set out the key components of DR staff awareness and training programmes, as well as incident management and dealing with the media Continue Reading

How open source is shaping data storage management

Open source data storage offers a great deal of flexibility, but unlocking its benefits will require strong technical resources to meet requirements such as stability, high availability and security Continue Reading

British Council data exposed by third-party cyber failure

The British Council entrusted confidential data on its students to a third-party and was let down Continue Reading

Data on children of armed forces personnel exposed in breach

Data on 4,142 children of serving armed forces personnel was exposed in a data breach at the Ministry of Defence Continue Reading

Cyber skills gap affecting data privacy practice, finds ISACA

Organisations are struggling to fill both legal and technical privacy roles, with potentially damaging consequences, according to a report Continue Reading

Cloud storage data residency: How to achieve compliance

There’s a conflict between cloud storage and the need to comply with local laws and regulations. We look at cloud data location, data residency, data sovereignty and data adequacy Continue Reading

Navigating PIPL: European businesses plot their next steps into China

How does China’s strict new Personal Information Protection Law impact European businesses? Continue Reading

Cloud-era disaster recovery planning: Setting strategy and developing plans

In the second in a series on cloud-era disaster recovery, we look at how to formulate a DR strategy and develop detailed DR plans for your organisation, while taking cloud services into account Continue Reading

Cloud-era disaster recovery planning: Assessing risk and business impact

In the first in a series on cloud-era disaster recovery, we provide a step-by-step guide to building firm foundations for the disaster recovery plan, with risk assessment and business impact analysis Continue Reading

Test police algorithms in court rather than legislate, Lords told

Police algorithms and their impacts should be tested and challenged in court, rather than controlled by new laws, says policing minister Continue Reading

Podcast: 2022 compliance preview – GDPR goes global

We talk to Mathieu Gorge, CEO of VigiTrust, about what’s looming in compliance, with regulations based on the principles of the General Data Protection Regulation plus the concept of cyber accountability Continue Reading

OVHCloud hit with customer class action over March 2021 datacentre fire

OVHCloud said it cannot comment at this time on the legal action, which is being embarked upon to compensate customers who claim to have lost data as a result of the public cloud firm’s datacentre fire in March 2021 Continue Reading

Top 10 cloud storage, DR and datacentre storage stories of 2021

Key articles from 2021 that demonstrate the growing importance of cloud storage and disaster recovery, but also the snags that lead to cloud repatriation and difficulties restoring from the cloud Continue Reading

Top 10 ransomware and backup stories of 2021

Key articles from 2021 that highlight the link between ransomware and snapshots and backup and their role in repelling attacks, plus effects of the pandemic on backup and recovery Continue Reading

Gig economy algorithmic management tools ‘unfair and opaque’

Report published by Worker Info Exchange warns of algorithmically enabled rights abuses in the gig economy, noting the insufficient transparency of employers and the lacklustre nature of legal redress Continue Reading

IT priorities 2022: Ransomware and cloud drive storage and backup

The pandemic and the move to the cloud has driven cloud storage as a key priority Continue Reading

The rules for a safer internet

In this week’s Computer Weekly, as the government publishes the Online Safety Bill, we look at what the laws mean for internet services. A ransomware victim shares the insider story of the trauma of losing their corporate IT systems. And we ask, what happens when quantum computers get too powerful to verify their output? Read the issue now. Continue Reading

Unesco member states adopt AI ethics recommendation

The non-binding recommendation seeks to define a common set of values and principles to guide the development of ethical AI globally Continue Reading

Over 100 civil society groups call for changes to EU AI Act

Civil, human and digital rights organisations sign open letter calling on European policymakers to put fundamental rights at the heart of the proposed Artificial Intelligence Act Continue Reading

Cloud storage compliance pitfalls: Post-pandemic and post-Brexit

We look at the key areas of cloud storage compliance that can trip you up, with shared responsibility with cloud providers and data residency among the most important Continue Reading

CW APAC: Expert guide to storage management

The storage landscape is evolving at pace. In this handbook, focused on storage management in the Asia-Pacific region, Computer Weekly looks at how firms are rising to the storage challenge, Lenovo’s viewpoint on the region’s market opportunities, how the Malaysian Highway Authority made itself more cyber secure and the advantages of Nexustorage’s latest offering Continue Reading

New law needed to rein in AI-powered workplace surveillance

MPs and peers call for new legislation to regulate the growing use of artificial intelligence in the workplace, which is being used to surveil workers’ performance and behaviour Continue Reading

Oversight of biometrics and surveillance should not go to ICO

Biometrics and surveillance camera commissioner Fraser Sampson has panned the UK government’s proposed plan to absorb the functions of those roles under the remit of the information commissioner Continue Reading

The ICO is right to push back against government meddling

Some criticisms of the ICO are justified, but the answer to that is not to give Whitehall more oversight over the data protection regulator, argues legal expert Edward Machin Continue Reading

Yoti develops age estimation algorithm for under-13s

Age estimation technology developed by Yoti is being pitched as a way of helping social media platforms and other online businesses protect younger internet users from harm Continue Reading

Gig economy workforce nearly trebles over five years

Over four million people in England and Wales now work for gig economy platforms at least once a week, marking a nearly threefold increase since 2016 Continue Reading

Immutable snapshots aim to neutralise ransomware

Snapshots – usually immutable anyway – get functionality to stop ransomware intruders moving or deleting snapshots, so customers know they have clean copies of data to restore from Continue Reading

Facebook self-imposes facial recognition moratorium

Facebook and Meta have committed to halting their use of facial recognition technology and deleting the biometric data of more than a billion people by the end of 2021, but will retain the underlying algorithms and software for potential use in future products Continue Reading

What the Budget means for UK technology

In this week’s Computer Weekly, we look through the Chancellor’s Autumn Budget and Spending Review to find what it means for the UK tech sector. As COP26 starts, we assess the green credentials of the IT industry. And we hear one CTO’s experiences of learning the privacy lessons of GDPR. Read the issue now. Continue Reading

Cohesity beefs up ransomware and disaster recovery offer

Disaster Recovery as-a-service, Data Govern and project Fort Knox available or in development as data protection supplier augments its portfolio with ransomware firmly in mind Continue Reading

MEPs vote to expand Europol data mandate

The European Parliament has voted in favour of expanding Europol’s mandate to process data and develop AI tools, but critics claim it contradicts a previous vote which opposed using new technologies to predict crime Continue Reading

APAC expert guide to storage management

In this expert guide to storage management in Asia-Pacific, we unpack the developments shaping storage management and key strategies to extract business value from data Continue Reading

Ban UK police use of facial-recognition, House of Lords told

Experts giving evidence to the House of Lords have said that UK police use of facial-recognition technology is disproportionate and ineffective, and further questioned the utility of algorithmic crime ‘prediction’ tools Continue Reading

Malaysia’s highway authority improves DR capabilities

The Malaysian Highway Authority is now more resilient against cyber attacks through a local disaster-recovery-as-a-service offering powered by Veeam software Continue Reading

Addressing the backup dilemma to ransomware recovery

Everyone knows good backups are essential if one is to recover from a ransomware attack, but using them effectively poses challenges that IT teams need to know about Continue Reading

ICO expresses concerns over its future independence

In its response to the government’s data protection consultation, the Information Commissioner’s Office has raised worries over its future ability to function independently of government interference Continue Reading

Met Police purchase new retrospective facial-recognition system

Retrospective facial-recognition software purchased for £3m by the Met Police will be deployed in coming months amid continuing controversy around the use of biometric technologies by law enforcement bodies Continue Reading

Digital regulators need discrete but cooperative remits

The UK’s information commissioner has told MPs that digital economy regulators need discrete remits backed up by strong information sharing powers to both provide clear focus as well as allow for greater cooperation between their disparate but interlinked regimes Continue Reading

GCP gets triple-redundant NAS and built-in Kubernetes backup

Google Filestore Enterprise will provide synchronous replication across three zones, while Backup for Google Kubernetes Engine brings built-in container cluster data protection Continue Reading

NGO Fair Trials calls on EU to ban predictive policing systems

The use of artificial intelligence to predict criminal behaviour should be banned because of its discriminatory outcomes and high risk of further entrenching existing inequalities, claims Fair Trials Continue Reading

UN human rights chief calls for moratorium on AI technologies

High commissioner’s call for a moratorium on the use of AI systems that pose a serious risk to human rights is accompanied by a UN report on the negative human rights impacts associated with the technology Continue Reading

Security Think Tank: Optimising privacy, post-GDPR

Airbus CyberSecurity CTO Paddy Francis explores the impact of regulation on data protection, and how it has changed how one goes about optimising data privacy in the enterprise Continue Reading

Security Think Tank: A response to planned data protection changes

The ISF’s Emma Bickerstaffe assesses how organisations might respond to proposed changes to the UK’s data protection regime Continue Reading

UK’s new data protection strategy risks costing business more than it gains

The apparent business benefits of pursuing data adequacy agreements around the world may not be as enticing as they at first appear Continue Reading

Security Think Tank: Managing data securely throughout its lifecycle

Managing data in a secure manner is key to ensuring its integrity and therefore its value to the organisation, as well as reducing risk from breaches and misinformation Continue Reading

Are proposed data protection changes a threat to UK citizens’ privacy?

Though changes are as-yet undefined pending an upcoming consultation, concerns are already being expressed over the government’s plan to liberalise data protection laws in the service of innovation and growth Continue Reading

Government unveils post-Brexit data flow proposals

The government will pursue data partnerships with countries including Australia, South Korea and the US as part of a post-Brexit data regime that may also see substantial changes to the UK’s data protection law Continue Reading

Security Think Tank: Steps to a solid data privacy practice

Petra Wenham of the BCS shares her expertise on building, or rebuilding, a solid business data privacy practice in a post-Covid-19 world Continue Reading

NZ privacy lead John Edwards named new information commissioner

DCMS has named John Edwards, currently New Zealand privacy commissioner, to succeed Elizabeth Denham as UK information commissioner Continue Reading

Over a million opt out of NHS data-sharing

Failure to communicate benefits of data-sharing proposals and privacy concerns are prompting large numbers of people to opt out of a proposed NHS Digital scheme Continue Reading

Veeam survey: Big cloud impact on backup and disaster recovery

Backup specialist finds cloud eclipses on-site compute for all workloads while DR makes big strides in the cloud despite concerns about complexity and security Continue Reading

Pub apps harvesting swathes of customer data unnecessarily

Some pub and restaurant chain apps demand data such as gender and marital status, raising eyebrows among privacy campaigners Continue Reading

Disaster recovery for SMEs: Five key areas to consider

We look at key disaster recovery considerations for SMEs, including why backup is not enough, how to create a disaster recovery plan, best-practice DR testing and DR as a service Continue Reading

Almost half unaware of GP data-sharing plans

Around half of adults in England – approximately 20 million people – remain unaware of the scope of the NHS GPDPR programme, prompting calls for a public education campaign Continue Reading

Secureworks sets up in EU datacentre for XDR services

New datacentre location helps Secureworks’ customers meet EU data residency requirements Continue Reading

City of York picks Barracuda Networks for data protection

York Council needed to refresh its backup service to bring new security protections after it went ‘all-in’ on Microsoft Office 365 Continue Reading

European ‘chat control’ plans in the name of ‘child safety’ threaten end-to-end encryption

Proposals by European Commission to search for illegal material could mean the end of private messaging and emails Continue Reading

UK taskforce calls for cutting GDPR protections

The UK’s Taskforce on Innovation, Growth and Regulatory Reform has recommended scrapping safeguards against automated decision-making contained in the General Data Protection Regulation Continue Reading

The Security Interviews: How to build a government model to ‘hack for good’

Kyle Hanslovan started Huntress to give back after a career in the intelligence sector. After US authorities took action to help people hit by the Microsoft Exchange attacks, we discussed how governments can ‘hack for good’ Continue Reading

Europe’s proposed AI regulation falls short on protecting rights

The European Commission’s proposal for artificial intelligence regulation focuses on creating a risk-based, market-led approach replete with self-assessments, transparency procedures and technical standards, but critics warn it falls short of being able to protect people’s fundamental rights and mitigating the technology’s worst abuses Continue Reading

How the pandemic changed backup

The Covid-19 pandemic forced big changes in how people work – we look at impacts on backup, including increased reliance on the cloud, plus security and compliance vulnerabilities and ransomware Continue Reading