By John Gruber
My thanks to 1Password — which, earlier this year, acquired longtime DF sponsor Kolide — for sponsoring last week at DF.
When the EU enacted GDPR in 2018, executives and security professionals waited anxiously to see how the law would be enforced. And then they kept waiting ... and waiting ... but the Great European Privacy Crackdown never came.
But the days of betting that you’re too big or too small to be noticed by GDPR are over. Recently, EU member nations (plus the UK) have started taking action against data controllers of all sizes, from the big (Amazon), to the medium (a trucking company), to the truly minuscule (a Spanish citizen whose home security cameras bothered their neighbors).
If you’re an IT or security professional, you may be wondering what to do. Unfortunately, GDPR compliance isn’t the kind of thing you can solve by buying a tool or scheduling a training session. The best place to start is to adopt a policy of data minimization: collect only the data you truly need to function, on both customers and employees. After that, your second priority should be securing the data you have — keeping it only as long as you absolutely need to, and then destroying it.
1Password can help with all aspects of GDPR compliance. To learn more about GDPR compliance, check out this post at 1Password’s blog.
★ Monday, 29 July 2024