Useful resources for GDPR starters

I realise, this braindump will never be finished, so come back once in a while to check for updates. Work in progress…

But let’s turn around the thing a bit, you certainly must have smart ideas or articles on GDPR for starters that belong on this list! Let me know and I’ll add it to the list.
Of course, with the proper credits!

DISCLAIMER: These resources are provided / authored by different people, companies, vendors, each of them copyrighted by the original owner.
The resources below are just a collection or interesting documentation, need to have, without any preference or commercial interest for any party.

First of all, before you start with GDPR you must have read the GDPR text.
It’s not as bad (you mean: legalese) as you might suspect.

GDPR official text

You might want to have it a bit more condensed to start.

Visualisation sheet

Have a look what Jonas Holdensen has published,  a marvelous sheet to provide a visualization on GDPR.

If you prefer the file in pdf or word, then download the file here: www.kortlink.dk/rhpx

GDPR Table of contents

Once you get through the legal texts… you’ll quickly understand that the GDPR text itself at least lacks 1 important thing: A table of contents (TOC).

This TOC by Intersoft Consulting might help: bookmark https://gdpr-info.eu/

It provides a nice overview of the GDPR Recitals (= reasons the articles of the GDPR have been adopted).

There are 173 recitals, the and the TOC provides a quick topic overview at https://gdpr-info.eu/recitals/.

Also  the site provides an overview of the GDPR structure

  • 11 Chapters
  • Sections per chapter
  • 99 Articles (spread over sections / chapters

Mapping GDPR to ISO27001 schema

Implementing GDPR with ISO27001

https://pecb.com/oldwebinar/26-may-2018-from-gdpr-to-sustainable-gdp

GDPR at a glance

https://www.twobirds.com/~/media/pdfs/gdpr-pdfs/bird–bird–guide-to-the-general-data-protection-regulation.pdf (Credits for Moritz Anders).

Courses

Region Provider Course URL
WW IAPP CIPT, CIPP/E, CIPM, https://iapp.org/train/gdprready/
WW PECB PECB Certified Data protection Officer https://pecb.com/en/education-and-certification-for-individuals/gdpr
BE DP Institute Data Protection Officer Certificatie Training https://www.dp-institute.eu/nl/opleidingen/
WW IT Governance GDPR https://www.itgovernance.co.uk/data-protection-dpa-and-eu-data-protection-regulation

 

 

 

 

 

 

 

Advertisements

GDPR: direct marketing vs natural/legal persons

Just a quick hint if you want to contain legal spam under GDPR.

Recital (14) “The protection afforded by this Regulation should apply to natural persons, whatever their nationality or place of residence, in relation to the processing of their personal data. This Regulation does not cover the processing of personal data which concerns legal persons and in particular undertakings established as legal persons, including the name and the form of the legal person and the contact details of the legal person. ”

Recital (26) “The principles of data protection should apply to any information concerning an identified or identifiable natural person. ”

In short, GDPR only applies to natural persons (people breathing), not to legal person (like, the thing with a VAT number or company registration nr).

So: Companies/legal persons can be legally contacted or spammed.

Conclusion: use a general mail address (like info@ or company@) in all non-personal company registrations and contact details, white pages, yellow pages, VAT or government paperwork…

Make sure your official company registration DOES NOT refer to a personal address.

And as owner or delegate, keep your mail address for your personal professional communication, eg signature with personally identifiable contact details (mail, phone, mobile, skype, IM, …).

Because then your personal mail account is related to an identified and identifiable natural person, and covered by GDPR, protected from direct marketing violations. Should be.

Note-to-self: MVA Learning Path – Security for the Chief Security Officer (CSO)

From a LinkedIn connection (thx Jeff and congratz on the achievement) I received an interesting pointer to a set of courses on MVA, Microsoft Virtual Academy.

An MVA ‘learning path’ is a combination of learning courses.
Just recently MVA published the ‘Security for the Chief Security Officer (CSO)’ learning path.

Check it out at : https://mva.microsoft.com/learning-path/security-for-the-chief-security-officer-cso-21

It combines 6 courses (better make sure to access them from the learning path):

  1. How to Harden Your Enterprise in Today’s Threat Landscape
  2. Cybersecurity Reference Architecture
  3. Cloud Security from the Field

BTW: have a look on the ‘security’ based content on Microsoft Virtual Academy, you’ll be surprised how much you can (continue to) learn.

See: https://mva.microsoft.com/search/SearchResults.aspx#!q=security

Note-to-self: #MIM2016 & #FIM2010 Config documenter released on GitHub

Source: Announcement on MIM 2016 Group on LinkedIn by  Jef Kazimer

Source Code: https://github.com/Microsoft/MIMConfigDocumenter

Jef announced that the Identity Community Projects team has published the MIM Config Documenter tool to the Microsoft GitHub Organization as an open source community project.

The MIM configuration documenter is a very nice and easy tool to generate documentation of a MIM / FIM synchronization or service installation.

It allows to: 

  • Document deployment configuration details for the MIM / FIM solution, including MIMWAL Workflow definitions
  • Track any configuration changes you have made since a specific baseline
  • Build confidence in getting things right when making changes to the deployed solution

You can find the project code, releases, and documentation at https://github.com/Microsoft/MIMConfigDocumenter

 

Note-to-self: Short URL for app password in Azure MFA

When you enable MFA (Multifactor Authentication) in Azure, you can configure app passwords for applications that cannot work with the code generators, applications, phone apps to logon with MFA…

The source URL for it is: https://account.activedirectory.windowsazure.com/AppPasswords.aspx

But it’s very likely you can’t remember it anymore after a while, so train your brain for these bookmarks:

Also, these point to the same URL.

 

Note-to-self: Hotfix rollup package (build 4.4.1459.0) is available for #MIM2016 SP1

Microsoft has released an hotfix for MIM2016 SP, with an awful lot of updates and improvements.. to much to list… but more to read:

See here: Source: https://support.microsoft.com/en-us/help/4012498/hotfix-rollup-package-build-4-4-1459-0-is-available-for-microsoft-iden