Re: European Data Protection Reglementation to take effect on May 25 - 4D compliance?

2018-02-15 Thread Paul Lovejoy via 4D_Tech 
Hi Pat and Chip,

Thanks for your replies.

I’ve done a lot of reading up in the meantime. This looks like a big one for 
anyone who’s doing business in Europe. The security requirements are quite 
extensive. 

I don’t have time to get into all of it right now but apparently US companies, 
for example, are spending something like $7 billion to adapt their systems to 
become compliant. Big software packages like Oracle and SAP are compliant. 
Adding compliancy to custom solutions developed in 4D could be very, very 
costly. Fines can be as high as €20 million per case. It’s estimated that the 
European Union could impose around €7 billion in fines in the first year alone.


Scary.


Paul


> Le 14 févr. 2018 à 11:13, Pat Bensky via 4D_Tech <4d_tech@lists.4d.com> a 
> écrit :
> 
> Here is a good source of info on GDPR:
> https://unbounce.com/gdpr/
> 
> Pat
> 
> On 13 February 2018 at 19:26, Chip Scheide via 4D_Tech <4d_tech@lists.4d.com
>> wrote:
> 
>> TLDR; the rules  :)
>> 
>> My goto on encryption would be:
>> File vault on Mac OS X (OS level disk encryption) or something similar on
>> a PC,
>> or drive level encryption (in the hardware, not software)
>> Chip
>> 
>>> 
>>> Things such as protection against data breaches, data encryption,
>>> data portability etc. are raised by this new set of rules. In
>>> particular, I was thinking about low-level data encryption and
>>> whether there is any way to implement this in 4D and still provide a
>>> usable interface and good performance.
>> 
>> Hell is other people
>> Jean-Paul Sartre
>> **
>> 4D Internet Users Group (4D iNUG)
>> FAQ:  http://lists.4d.com/faqnug.html
>> Archive:  http://lists.4d.com/archives.html
>> Options: http://lists.4d.com/mailman/options/4d_tech
>> Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
>> **
>> 
> 
> 
> 
> -- 
> *
> CatBase - Top Dog in Data Publishing
> tel: +44 (0) 207 118 7889
> w: http://www.catbase.com
> skype: pat.bensky
> *
> **
> 4D Internet Users Group (4D iNUG)
> FAQ:  http://lists.4d.com/faqnug.html
> Archive:  http://lists.4d.com/archives.html
> Options: http://lists.4d.com/mailman/options/4d_tech
> Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
> **

**
4D Internet Users Group (4D iNUG)
FAQ:  http://lists.4d.com/faqnug.html
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: European Data Protection Reglementation to take effect on May 25 - 4D compliance?

2018-02-14 Thread Pat Bensky via 4D_Tech 
Here is a good source of info on GDPR:
https://unbounce.com/gdpr/

Pat

On 13 February 2018 at 19:26, Chip Scheide via 4D_Tech <4d_tech@lists.4d.com
> wrote:

> TLDR; the rules  :)
>
> My goto on encryption would be:
> File vault on Mac OS X (OS level disk encryption) or something similar on
> a PC,
> or drive level encryption (in the hardware, not software)
> Chip
>
> >
> > Things such as protection against data breaches, data encryption,
> > data portability etc. are raised by this new set of rules. In
> > particular, I was thinking about low-level data encryption and
> > whether there is any way to implement this in 4D and still provide a
> > usable interface and good performance.
> 
> Hell is other people
>  Jean-Paul Sartre
> **
> 4D Internet Users Group (4D iNUG)
> FAQ:  http://lists.4d.com/faqnug.html
> Archive:  http://lists.4d.com/archives.html
> Options: http://lists.4d.com/mailman/options/4d_tech
> Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
> **
>



-- 
*
CatBase - Top Dog in Data Publishing
tel: +44 (0) 207 118 7889
w: http://www.catbase.com
skype: pat.bensky
*
**
4D Internet Users Group (4D iNUG)
FAQ:  http://lists.4d.com/faqnug.html
Archive:  http://lists.4d.com/archives.html
Options: http://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: European Data Protection Reglementation to take effect on May 25 - 4D compliance?

2018-02-13 Thread Chip Scheide via 4D_Tech 
TLDR; the rules  :)

My goto on encryption would be:
File vault on Mac OS X (OS level disk encryption) or something similar on a PC,
or drive level encryption (in the hardware, not software)
Chip

> 
> Things such as protection against data breaches, data encryption, 
> data portability etc. are raised by this new set of rules. In 
> particular, I was thinking about low-level data encryption and 
> whether there is any way to implement this in 4D and still provide a 
> usable interface and good performance.

Hell is other people 
 Jean-Paul Sartre
**
4D Internet Users Group (4D iNUG)
FAQ:  http://lists.4d.com/faqnug.html
Archive:  http://lists.4d.com/archives.html
Options: http://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: European Data Protection Reglementation to take effect on May 25 - 4D compliance?

2018-02-12 Thread Jody Bevan via 4D_Tech 
Low level data encryption at rest is best achieved with hardware. The major 
server vendors provide RAID controllers that look after this for you on the 
fly. This way the data is always encrypted on the hard drives. That way if 
someone steals the server computer they need that RAID controller in it, and 
know the Windows Admin password to get access to the data. Therefore someone 
cannot take the hard drives only and get the data.

I suspect that is what they are after, but as I have learned with government 
specifications you have to read them, and get their interpretation on them. 

Jody


> On Feb 11, 2018, at 5:24 AM, Paul Lovejoy via 4D_Tech <4d_tech@lists.4d.com> 
> wrote:
> 
> Hi everyone,
> 
> Some of you doing business in Europe may be aware of the new set of rules 
> which will took effect on May 25 2016 and must be applied by May 25 2017. II 
> was asked to assess the impact on a big database we manage in 4D and I was 
> wondering if anyone else has spent time and effort on this question. Just 
> understanding all the legalistic text in these rules would probably require a 
> team of lawyers and consultants: 
> http://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX%3A32016R0679
> 
> Things such as protection against data breaches, data encryption, data 
> portability etc. are raised by this new set of rules. In particular, I was 
> thinking about low-level data encryption and whether there is any way to 
> implement this in 4D and still provide a usable interface and good 
> performance.
> 
> Any thoughts are welcome.
> 
> 
> Cheers,
> 
> 
> Paul

**
4D Internet Users Group (4D iNUG)
FAQ:  http://lists.4d.com/faqnug.html
Archive:  http://lists.4d.com/archives.html
Options: http://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: European Data Protection Reglementation to take effect on May 25 - 4D compliance?

2018-02-12 Thread Lee Hinde via 4D_Tech 
https://scotthelme.co.uk/protect-site-from-cryptojacking-csp-sri/ 



> On Feb 12, 2018, at 12:47 AM, James Wright via 4D_Tech <4d_tech@lists.4d.com> 
> wrote:
> 
> The ICO's website was being used to distribute javascript based crytpo
> mining malware. Some third party JS library was hacked and they were using
> a public CDN version.
> 
> Funny :)
> 
> On 12 February 2018 at 07:57, Bernd Fröhlich via 4D_Tech <
> 4d_tech@lists.4d.com> wrote:
> 
>> Stephen Shaw:
>> 
>>> You may find the UK’s ICOs website more user friendly.
>>> 
>>> https://ico.org.uk 
>> 
>> Yup. It´s short and gets right to the point:
>> 
>> "We're sorry, but our website is unavailable at the moment. Please try
>> again later.
>> 
>> We apologise for any inconvenience caused."
>> 
>> :-))
>> 
>> Greetings from Germany,
>> Bernd Fröhlich
>> **
>> 4D Internet Users Group (4D iNUG)
>> FAQ:  http://lists.4d.com/faqnug.html
>> Archive:  http://lists.4d.com/archives.html
>> Options: http://lists.4d.com/mailman/options/4d_tech
>> Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
>> **
>> 
> 
> 
> 
> -- 
> [image: logo]
> *James Wright* C.T.O.*, Drag and Drop*
> Tel: 08000 43 22 12 | Suite 6/7 Chichester House, 45 Chichester Road,
> Southend-on-Sea, Essex SS1 2JU
> supp...@draganddrop.co.uk | www.ezadspro.co.uk | www.draganddrop.co.uk
> **
> 4D Internet Users Group (4D iNUG)
> FAQ:  http://lists.4d.com/faqnug.html
> Archive:  http://lists.4d.com/archives.html
> Options: http://lists.4d.com/mailman/options/4d_tech
> Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
> **

**
4D Internet Users Group (4D iNUG)
FAQ:  http://lists.4d.com/faqnug.html
Archive:  http://lists.4d.com/archives.html
Options: http://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: European Data Protection Reglementation to take effect on May 25 - 4D compliance?

2018-02-12 Thread James Wright via 4D_Tech 
The ICO's website was being used to distribute javascript based crytpo
mining malware. Some third party JS library was hacked and they were using
a public CDN version.

Funny :)

On 12 February 2018 at 07:57, Bernd Fröhlich via 4D_Tech <
4d_tech@lists.4d.com> wrote:

> Stephen Shaw:
>
> > You may find the UK’s ICOs website more user friendly.
> >
> > https://ico.org.uk 
>
> Yup. It´s short and gets right to the point:
>
> "We're sorry, but our website is unavailable at the moment. Please try
> again later.
>
> We apologise for any inconvenience caused."
>
>  :-))
>
> Greetings from Germany,
> Bernd Fröhlich
> **
> 4D Internet Users Group (4D iNUG)
> FAQ:  http://lists.4d.com/faqnug.html
> Archive:  http://lists.4d.com/archives.html
> Options: http://lists.4d.com/mailman/options/4d_tech
> Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
> **
>



-- 
[image: logo]
*James Wright* C.T.O.*, Drag and Drop*
Tel: 08000 43 22 12 | Suite 6/7 Chichester House, 45 Chichester Road,
Southend-on-Sea, Essex SS1 2JU
supp...@draganddrop.co.uk | www.ezadspro.co.uk | www.draganddrop.co.uk
**
4D Internet Users Group (4D iNUG)
FAQ:  http://lists.4d.com/faqnug.html
Archive:  http://lists.4d.com/archives.html
Options: http://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: European Data Protection Reglementation to take effect on May 25 - 4D compliance?

2018-02-11 Thread Bernd Fröhlich via 4D_Tech 
Stephen Shaw:

> You may find the UK’s ICOs website more user friendly.
> 
> https://ico.org.uk 

Yup. It´s short and gets right to the point:

"We're sorry, but our website is unavailable at the moment. Please try again 
later.

We apologise for any inconvenience caused."

 :-))

Greetings from Germany,
Bernd Fröhlich
**
4D Internet Users Group (4D iNUG)
FAQ:  http://lists.4d.com/faqnug.html
Archive:  http://lists.4d.com/archives.html
Options: http://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: European Data Protection Reglementation to take effect on May 25 - 4D compliance?

2018-02-11 Thread Stephen Shaw via 4D_Tech 
Paul

You may find the UK’s ICOs website more user friendly.

https://ico.org.uk 

Steve

P.S. Its May 2018!


> On 11 Feb 2018, at 11:24, Paul Lovejoy via 4D_Tech <4d_tech@lists.4d.com> 
> wrote:
> 
> Hi everyone,
> 
> Some of you doing business in Europe may be aware of the new set of rules 
> which will took effect on May 25 2016 and must be applied by May 25 2017. II 
> was asked to assess the impact on a big database we manage in 4D and I was 
> wondering if anyone else has spent time and effort on this question. Just 
> understanding all the legalistic text in these rules would probably require a 
> team of lawyers and consultants: 
> http://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX%3A32016R0679
> 
> Things such as protection against data breaches, data encryption, data 
> portability etc. are raised by this new set of rules. In particular, I was 
> thinking about low-level data encryption and whether there is any way to 
> implement this in 4D and still provide a usable interface and good 
> performance.
> 
> Any thoughts are welcome.
> 
> 
> Cheers,
> 
> 
> Paul
> **
> 4D Internet Users Group (4D iNUG)
> FAQ:  http://lists.4d.com/faqnug.html
> Archive:  http://lists.4d.com/archives.html
> Options: http://lists.4d.com/mailman/options/4d_tech
> Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
> **

**
4D Internet Users Group (4D iNUG)
FAQ:  http://lists.4d.com/faqnug.html
Archive:  http://lists.4d.com/archives.html
Options: http://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**