GDPR: direct marketing vs natural/legal persons

Just a quick hint if you want to contain legal spam under GDPR.

Recital (14) “The protection afforded by this Regulation should apply to natural persons, whatever their nationality or place of residence, in relation to the processing of their personal data. This Regulation does not cover the processing of personal data which concerns legal persons and in particular undertakings established as legal persons, including the name and the form of the legal person and the contact details of the legal person. ”

Recital (26) “The principles of data protection should apply to any information concerning an identified or identifiable natural person. ”

In short, GDPR only applies to natural persons (people breathing), not to legal person (like, the thing with a VAT number or company registration nr).

So: Companies/legal persons can be legally contacted or spammed.

Conclusion: use a general mail address (like info@ or company@) in all non-personal company registrations and contact details, white pages, yellow pages, VAT or government paperwork…

Make sure your official company registration DOES NOT refer to a personal address.

And as owner or delegate, keep your mail address for your personal professional communication, eg signature with personally identifiable contact details (mail, phone, mobile, skype, IM, …).

Because then your personal mail account is related to an identified and identifiable natural person, and covered by GDPR, protected from direct marketing violations. Should be.

Advertisements

Note-to-self: MVA Learning Path – Security for the Chief Security Officer (CSO)

From a LinkedIn connection (thx Jeff and congratz on the achievement) I received an interesting pointer to a set of courses on MVA, Microsoft Virtual Academy.

An MVA ‘learning path’ is a combination of learning courses.
Just recently MVA published the ‘Security for the Chief Security Officer (CSO)’ learning path.

Check it out at : https://mva.microsoft.com/learning-path/security-for-the-chief-security-officer-cso-21

It combines 6 courses (better make sure to access them from the learning path):

  1. How to Harden Your Enterprise in Today’s Threat Landscape
  2. Cybersecurity Reference Architecture
  3. Cloud Security from the Field

BTW: have a look on the ‘security’ based content on Microsoft Virtual Academy, you’ll be surprised how much you can (continue to) learn.

See: https://mva.microsoft.com/search/SearchResults.aspx#!q=security

Note-to-self: #MIM2016 & #FIM2010 Config documenter released on GitHub

Source: Announcement on MIM 2016 Group on LinkedIn by  Jef Kazimer

Source Code: https://github.com/Microsoft/MIMConfigDocumenter

Jef announced that the Identity Community Projects team has published the MIM Config Documenter tool to the Microsoft GitHub Organization as an open source community project.

The MIM configuration documenter is a very nice and easy tool to generate documentation of a MIM / FIM synchronization or service installation.

It allows to: 

  • Document deployment configuration details for the MIM / FIM solution, including MIMWAL Workflow definitions
  • Track any configuration changes you have made since a specific baseline
  • Build confidence in getting things right when making changes to the deployed solution

You can find the project code, releases, and documentation at https://github.com/Microsoft/MIMConfigDocumenter

 

Note-to-self: Short URL for app password in Azure MFA

When you enable MFA (Multifactor Authentication) in Azure, you can configure app passwords for applications that cannot work with the code generators, applications, phone apps to logon with MFA…

The source URL for it is: https://account.activedirectory.windowsazure.com/AppPasswords.aspx

But it’s very likely you can’t remember it anymore after a while, so train your brain for these bookmarks:

Also, these point to the same URL.

 

Note-to-self: Hotfix rollup package (build 4.4.1459.0) is available for #MIM2016 SP1

Microsoft has released an hotfix for MIM2016 SP, with an awful lot of updates and improvements.. to much to list… but more to read:

See here: Source: https://support.microsoft.com/en-us/help/4012498/hotfix-rollup-package-build-4-4-1459-0-is-available-for-microsoft-iden

 

Note-to-self: You lost access to your initial Office 365 admin?

Although Microsoft has built in quite some methods to regain access to your 0365 tenant/account, you might have some bad luck one day… (experience talking here)

First of all you should try the default options, meaning : the password reset options.

The direct way to get there is the first link to bookmark: https://passwordreset.microsoftonline.com/

Another way to get there is in the 0365 logon page (also for Azure),

o365_1

If you forgot your password or can’t access the account, hit the link at the bottom.
You get directed to :

o365_2

If you know the logon, you can proceed to

o365_3

You notice that the verification is pointing to your alternative mail address or your mobile number…

But what if you forgot your original logon ID (mail address), eg in case you have setup a test tenant in 0365 with an mail address you don’t use frequently? (yes, that happens)

If that is not working or you need more help, check these options:

And if you really ran out of luck: you might raise a ticket and ask for help. https://portal.office.com/support/newsignupservicerequest.aspx

Anyway, as shown there are some options when configuring 0365 that should keep you out of trouble in the first place

  • make sure to add a mobile number to your user account
  • make sure to add a secondary email address to your account (not belonging to your O365 domain)
  • Configure and test MFA (multifactor Authentication), eg with the Authenticator app
  • add a secondary admin account with sufficient rights (with the same security measures!)