Why it’s Time to Get Proactive About Security (Thomas Gloerfeld, October 16, 2022): Of all the business risks facing organizations today, cyber-attacks were recently highlighted by executives as the most serious. That’s a heartening sign that awareness levels at the very top are at least improving. But it’s too soon to get carried away. In fact, separate research reveals that many organizations still treat security as an afterthought, until they’re breached. It’s 2022 and organizations can do better.…
Why We Comply with Data Privacy Laws and Standards (Thomas Gloerfeld, March 27, 2022): The answer is really simple, right? Governments pass laws that mandate certain rules be followed and infuse a punitive measure for those people or organizations not in compliance with the regulation in question.
Balancing Agility with Data Security (Thomas Gloerfeld, September 21, 2021): Agile development is known for well-paced development cadences with short, quick sprints. These fast bursts are typically focused on ensuring something of value (functioning code) gets done in a short amount of time, allowing for new features and functionality to be available in the product on a regular basis. As opposed to the traditional, slower forms of software development, with releases methodically planned and executed over many months or even years, Agile keeps the focus on speed, user feedback, and iterative refinement.
Three Years of GDPR – a Look Back (Thomas Gloerfeld, June 15, 2021): It might be hard to imagine, but it has been three years since the General Data Protection Regulation (GDPR) was implemented in the European Union (EU) on 25 May 2018. Time certainly does fly by when you are trying to protect data. Nevertheless, the term ‘GDPR’ has set a precedent on what is to be expected from organizations when it comes to protecting personally identifiable information (PII) of EU data subjects and has served as the foundational inspiration for many international data security regulations.
‘New Nacha supplementing data security requirements coming up’ (Thomas Gloerfeld, March 23, 2021): Nacha is a non-profit organization that convenes hundreds of diverse organizations to enhance and enable electronic payments and financial data exchange within the U.S. and across geographies. Through the development of rules, standards, governance, education, advocacy, and in support of innovation, Nacha's efforts benefit the providers and users of those systems. Nacha leads groups focused on API standardization, authors the Quest Operating Rules for EBT, and is the steward of the ACH Network, a payment system that universally connects all U.S. bank accounts and facilitates the movement of money and information. In 2020, nearly 27 billion payments and close to $62 trillion in value moved across the ACH Network.
Robust security strategy for your hybrid IT (Thomas Gloerfeld, June 23, 2020): What Is Hybrid IT? At its most basic level, hybrid IT is a blend of cloud-based and on-premises IT services. When applications and data were all maintained on-premises (or in-house), standardization was a best practise and security was much simpler. Now that the business and IT are realising the benefits of cloud services, hybrid IT is the common strategy. The new benefits of agility and flexibility brought by hybrid IT come at a cost… How do we keep these more vulnerable applications and data secure?
Is the US Ready for Centralized Data Privacy Enforcement? (Thomas Gloerfeld, March 24, 2020): The recent news about a proposed bill to create a central data privacy enforcing body shines another spotlight on the high-risk, high-stakes shifting ground that many businesses operate their engines of growth on – consumer data collection, analysis, and retention.
3 Benefits of Taking Data Out of PCI Audit Scope (Thomas Gloerfeld, December 10, 2019): Whether your company accepts payments at a store or restaurant, sells products or services through a website, or handles monthly payment billing, you or someone at your company is most likely aware of the security requirements of the Payment Card Industry Data Security Standard (PCI DSS). Each calendar year, your organization needs to prove that it complies with the 12 requirements listed under PCI DSS. Often, this process is time-consuming, costly, and involves key people primarily focusing on assessing, verifying, and completing the compliance audit.
Data is your superpower (Thomas Gloerfeld, November 30, 2019): In today’s world of round-the-clock online business and commerce, data is everywhere. Data has become your superpower, even more so when it’s protected data. As many users of HPE NonStop systems are processing a large amount of sensitive or mission-critical data, it is paramount that such data is protected in the best possible manner. The challenge that many organizations are facing is that the isolated databases of old have evolved dramatically and so has the need for appropriate data protection and security.
Solving the need for SNA and X.25 Support on NonStop X (Thomas Gloerfeld, September 30, 2019): As the support timeline winds down for NonStop Itanium platforms, more and more customers are looking forward to the next step in their NonStop evolution. The NonStop X platform running L-series is the new home where customers are moving. For some customers there is a serious issue in moving to NonStop X. They still heavily use SNA, SNAX and/or X.25 to communicate with other companies. For some banking customers this was a particular roadblock that seemed to require rework of their application and a change in how transaction information and messages will be sent to their partners. Because HPE did not port their own SNAX and X.25 products from Itanium onto the NonStop X platform, some customers felt stuck and overwhelmed by what it might involve to migrate.