Data Security Expert - Home of Graeme Batsman

Welcome To DataSecurityExpert.co.uk

Contact Graeme

Want to get in touch?
graeme@datasecurityexpert.co.uk

Something private to say?
PGP public key

Feeling social?

Chapter Author

"Chpt. 4: How to Defend"

Security on Office 365

Details: Category: Work Articles; Last Updated: 20 March 2019; Hits: 115

QA Cyber Security Technical Consultant, Graeme Batsman, lists five tips to enhance security for Office 365 email.

Office365, other SaaS email services and other Clouds in general can be more secure than having it on-premise, however security is also dependent on an important factor… you the end user. You can spend £1,000 on a physical high security certified safe and set the PIN as 00000 or put a Post-it note near it with the PIN on, and hey presto the high security product or service is greatly weakened by a human being.

The admin account
Go back ten years and usernames were not email addresses but a letter followed by a few random numbers. Now everything is This email address is being protected from spambots. You need JavaScript enabled to view it. or initialsurname as login. This has made password cracking, guessing or phishing easier.

DataSecurityExpert “Special” Exposé - If you have ever wondered what data leakage/exposure looks like, here is your chance to see, and it contains some funny stuff (e.g. adult toys and more)

Details: Category: Personal Articles; Last Updated: 18 March 2019; Hits: 275

This is like a Top Gear or Grand Tour, it is extra long and contains a lot of cool stuff!

WARNING: This article contains some mild adult words later on - no images of course.
Part one
This is actually part two; part one is https://www.datasecurityexpert.co.uk/articles/273-supply-chain-security-this-will-make-you-think-twice-about-shopping-online,-especially-at-adult-stores.html. Why am I exposing more this time? Simple; things have not improved at all and have maybe got worse. You will know from my writing, I am technically biased and firmly believe the United Kingdom is very vulnerable and is not improving fast enough security-wise. I have probably ten plus seriously shocking stories, however this one is not about a client nor employee, hence the part-exposure.

Let’s start off in 2015 with something rather trivial. I ordered two small books; one on ISO 27001 and one on PCI-DSS. They were purchased from a well-known, though not big, IT services firm which sells consulting services, books and training courses. The books arrived, I read them and forgot about everything. Not long after, I started working at Capgemini, which has no relation to this story.