In this post I posed the question ‘Who is Processing Your Data’ highlighting some potential GDPR issues with normal website hosting services versus the I-ntarsia managed platform. It was in response to an email from a company marketing manager who’s MD asked who was doing a plethora of data processing tasks. Worrying stuff.
Late last night we received notification from the Drupal folks that a moderately critical security release was being made available late on Wednesday 1st August (a fantastic example of actively looking after the community). I, therefore, spent this morning rescheduling our resources to ensure that we can do a platform impact test as soon as we get the release, and preparing customers for a platform update rollout on Thursday/Friday.
Then, at lunch, I saw this on the BBC site about the Dixons Carphone hack. 10 million user accounts! 5.9 million payment cards! Mine might be amongst them. Now, I’m pretty certain that TCW/Currys have some pretty smart people and processes and that this hack was state of the art. I’m also pretty certain that somewhere down the line there will have been an assumption, however small, that some aspect of security was being checked and it wasn’t.
These things are not unrelated. Yes, very few organisations will have that level of exposure, but ALL organisations need to be vigilant and ask the questions about who is taking care of these things. If you can’t get a detailed, specific answer describing the processes in place then, guess what, they almost certainly aren’t.
So, as the BBC often says ' If you have been affected by any of the issues raised ...' feel free to get in touch.
This mailing list is announce-only.
I-ntarsia is a Digital Service Platform bringing the power Drupal 8 content management and ecommerce system to the widest range of digital architects, designers and corporate end users.
We use the I-ntarsia Directions list to post articles, announce new products and services as well as to make unique offers to subscribers. If you are involved with the development and operation of one or more websites then you may benefit from our announcements on this list.
Subscribers should expect no more than one mail per week as an absolute maximum from this list.