Historically cyber security has been regarded as a function of the IT department, however I heard this quote at a Cyber Security event “do you have the IT team in charge of the ‘dont murder people policy’, so why do they control gdpr compliance, it’s a law”.
It is critical that your people are properly prepared for their role in improving security.
So, how many passwords do you have?
Recently we have seen an increase in malicious traffic that are targeting some of our sites. This is a real problem for everyone as it is wasting time and resources that are precious to us all. It can mean slow sites, spam submissions, sites getting scripted attacks or even DDoS (distributed denial of service) attacks that can take down a whole server. So what can we do? Well one solution, that is actually free in a lot of use cases, is Cloudflare.
A few of you may be aware of the Log4j vulnerability that has been discussed over the last few days and are worried about this impacting the servers that your CiviCRM and website are hosted on.
Well the short answer is, don't worry, your server isn't affected!
The long answer
Some of you may be aware that in November 2021 Drupal 7 was due to become "End of Life", however due to the Covid 19 crisis this has now been extended to November 28th 2022. See latest Drupal Blog - https://www.drupal.org/psa-2020-06-24
So what does this mean?
This just means that there is now longer before we have to update your sites from Drupal 7. However we are still working on the different scenarios so we can give you some options for your sites well before this date.
You might have heard that Google is moving or, if you've recently had a notification around new terms and conditions, has moved UK data from it's data centre in Ireland to the US.
What does this mean?
At the time of writing this article BREXIT is just over 7 weeks away but who knows anymore! It could never happen, it could be delayed or we could leave as planned on the 31st October!
However what happens to your data if we leave with no deal? Well as always, it depends!
The General Data Protection Regulation (GDPR) came into force in May 2018, and by the letter of the law, virtually every business in the UK needs to comply with it. However, there are still some misconceptions surrounding the law and what it means to organisations. This can lead to difficult situations where mistakes can be made.
You may be aware there has just been a critical security release for CiviCRM. As a result, we are working as quickly as we can to move all sites up to the new release which is 5.10.3.
Due to the nature of this update, it is mandatory we upgrade all sites and we will look to do so with as little disruption to your service as possible. These upgrades are unable to be scheduled and have to be supervised so we can try to avoid busy times but some disruption will be inevitable.
Security is important. We always make sure our software is up to date and ask our hosts for their security credentials.
But what is equally important is ensuring that our passwords are strong. The average online user has around 26 online passwords. If you use the same password on multiple sites and one password is compromised, your other logins are vulnerable too. Here are some hints and tips for managing your passwords and creating unique passwords that won't leave you vulnerable.