Service Offerings
- Cyber security training
- Product reviews
- Blog or article writing
- Cyber security consulting for SME & HNWI
Chapter Author
Contact Graeme
Journalists, students, potential clients or anyone else, email.......
graeme@datasecurityexpert.co.uk
Something private to say?
PGP public key
graeme@datasecurityexpert.co.uk
Something private to say?
PGP public key
No AI Used Here
Home Office, should it cost £319.20 to update a person’s name and do PCI-DSS rules not apply to you?
- Details
- Category: Private Thoughts
Very swiftly I filled out what I thought was the right online form and paid them £38.20. This figure sounded fair to me till it said you need an appointment with Sopra Steria, one of the governments many profiting outsourcers. £139 was the cheapest appointment and they sell extras like luxury lounges & special assistance.
There is no choice but to pay £139-£400 plus optional extras and all they do is take your photo again, scan fingerprints and take a copy of your new passport. £139 is very excessive for a five-minute appointment in my view.
Three weeks past and the Home Office emailed saying we do not understand your application. Perhaps I used the wrong form. I replied explaining what we wanted and another 2-3 weeks past. Another email came saying the same thing and I replied with the same reply as before. Below is the reply:
Wonder why the hospitality industry struggles? Just read my first-hand story which includes high heels!
- Details
- Category: Private Thoughts
Last year I worked with a man in a cyber security training job from Slovakia and now he has moved outside of the industry. He told many stories about illegal immigrants, gang masters, low pay, people stealing money from their clients (outsourcers), tips nor service charges never going near the staff and a lot more. When it comes to corruption, we tend to think about countries outside of Europe but in reality, corruption in the United Kingdom is just “more polite”.
On to this year, after my wife returned in February after five months abroad, thanks to the Home Office, my wife looked for work. It was her first and hopefully last job in the hospitality industry in England. Finding a job is not hard which is also a warning sign. My wife applied directly to well-known 5* hotel in zone one and did not hear back for weeks. In the meantime, my wife applied for a job through an agency which happened to be at the same hotel.
DLP (Data Loss/Leakage Prevention) should be one chink of your cyber security armour
- Details
- Category: Cyber Security (Personal)
Anti-malware, EDR, XDR, MDR, firewalls and more are constant product words we hear; however, they do not generally focus on data protection. To many data protection is GDPR and getting a solicitor to draft a privacy policy no one ever reads and no it does not “physically” protect data. Guess what, if you are hacked or if you have insider threats, a piece of paper (policy) does not do anything to protect data.
How can data can be exfiltrated?
- CD/DVD: less likely now since most endpoints do not have an optical drive. External USB writers maybe a concern still though
- SD card: some laptops & desktops have a slot or USB adapters can be used
- USB drives or external hard drives: super common and easy to smuggle in
- Email: mostly Outlook app though webmail as below is another method
- Websites: all sorts. Chat apps, file sharing sites, webmail, personal websites etc.
- Smartphones: most people do not know that smartphones via USB are classed as MTP (Media Transfer Protocol)
- Bluetooth: to phones, tablets, laptops and more
- Local apps: great, you have blocked OneDrive web but what about the app installed?
- And more sneaky ways
Page 5 of 60