Latest news with #GeneralDataProtectionRegulation
Techday NZ
12 hours ago
- Business
- Techday NZ
Yubico launches Enhanced PIN YubiKey to boost enterprise security
Yubico has introduced the YubiKey 5 – Enhanced PIN, which is available through its YubiKey as a Service programme, providing additional PIN capabilities for enterprises seeking advanced authentication measures in 175 countries and 24 territories. The latest product from Yubico comes pre-configured with features intended to improve PIN management and user enforcement. Included in the configuration are a mandatory minimum PIN length and requirements for increased PIN complexity. This helps organisations meet evolving policy, compliance, and audit requirements for user authentication. As cyber threats facing enterprises continue to evolve, government standards and regulations regarding secure authentication are also changing. Enhanced authentication requirements, including those outlined in PSD2, the General Data Protection Regulation (GDPR), and the upcoming Cyber Resilience Act (CRA), are prompting organisations across multiple industries to update their authentication methods. These regulations underscore the importance of resisting unauthorised access, particularly credential phishing attacks. Industry standards are trending towards the use of phishing-resistant multi-factor authentication (MFA). Some organisations are requiring longer PINs, with a minimum of six characters, as well as increased complexity on hardware security keys, in order to strengthen security protections for their users. The new Enhanced PIN features are available on the YubiKey 5 NFC and YubiKey 5C NFC models, specifically through the YubiKey as a Service platform. Notable capabilities include PIN complexity set by default, a minimum PIN length requirement of six characters, comprehensive PIN management for users with enforcement policies applied by default, and always-on user verification (alwaysUV). In addition, a unique FIDO AAGUID is utilised to support policy enforcement. "Customers now have the ability to easily meet policy and audit requirements, as well as evolving compliance and regulatory guidance for authentication, with an 'off-the-shelf' product." The introduction of the Enhanced PIN YubiKeys aims to support organisations in meeting new regulatory and authentication standards in markets such as the European Union and Asia-Pacific Japan (APJ) region. Regulatory pressures for phishing-resistant authentication solutions are intensifying in these regions, increasing the demand for these types of security keys. Yubico has responded to this by expanding the reach of its YubiKey as a Service to include all European Union countries, and its YubiEnterprise Delivery has been broadened to a further 117 locations globally. The company's total distribution now covers 199 locations, which includes 175 countries and 24 territories. This expansion is designed to support both office-based and remote employees, effectively doubling the delivery coverage compared to previous years. Prior to this release, Yubico launched the YubiKey 5.7 firmware and the Security Key – Enterprise Edition, which introduced optional PIN complexity for devices running firmware version 5.7 or later. The Enhanced PIN capability now arrives as a standard feature for supported models acquired through the company's service platform. Organisations adopting these new keys are better equipped to streamline their approach to phishing-resistant authentication in markets where regulatory compliance is a growing concern. The expanded reach includes increased availability in regions such as the United States, Canada, Japan, Singapore, Australia, India, and the United Kingdom. The expanded service and new key features reflect Yubico's effort to address the challenges posed by a changing cybersecurity landscape and varying global regulatory requirements, supporting enterprise customers in their transition to more robust authentication systems.
South Wales Argus
a day ago
- Politics
- South Wales Argus
Newport RAF veteran forced out of military seeks apology
This renewed expression of contrition follows an Argus report into the case of Kevin Jones, a Lliswerry man now living with an aggressive form of prostate cancer. Kevin is seeking accountability for the premature end of his military career, which he says was unfairly derailed due to his sexuality. Kevin told the Argus that he jumped before he was pushed, describing the suspicion, scrutiny and pressure he endured while serving as a gay man. He now seeks access to his service records in pursuit of redress; however, records have gone missing, which Kevin finds as frustrating as the lack of an apology and accountability. "I just want my apology and an explanation of why my records were destroyed. Without them, what can I prove?" Kevin said. In response to the story, the Ministry of Defence expressed deep regret over the treatment of LGBT personnel between 1967 and 2000, describing it as wholly wrong and completely unacceptable. However, it stopped short of speaking about Kevin's individual case. Historic Newport pub hosts its first same sex wedding Firefighters tackle huge fire at scrapyard for 24 hours to bring it under control Tributes paid to 'fearless' Monmouth environmentalist Kevin has said his efforts toward justice have been obstructed by the destruction of documentation during a 'shredding party' that saw thousands of cases erased. The MOD said the record destruction was in line with government policy and data protection legislation. The MOD confirmed that most records relating to decriminalised sexual offences were destroyed between 2010 and 2011. Officials stated that these documents were considered to hold no further investigative value and contained sensitive personal information. General Data Protection Regulation (GDPR), a stricter successor to earlier data laws, was incorporated into British law in 2018. Kevin continues to seek answers and accountability for the loss of his otherwise unblemished career. The general apology coincides with the ongoing Government Financial Recognition Scheme, launched on 13 December, 2024. The scheme offers a flat-rate payment of £50,000 to individuals dismissed or discharged due to their sexuality or gender identity and additional awards between £1000 and £20000 pounds for other impacts, assessed by an independent panel. The MOD encourages affected individuals to contact LGBT-FRScheme@ for support. Instructions issued by the Defence Police Chiefs Forum in 2010 mandated the removal of historical investigation and conviction records, aligning with legal reforms that eliminated these offences from criminal background checks. Eligibility for the Dismissed or Discharged Payment includes those ordered to retire or resign, medically discharged or administratively removed due to their sexuality or gender identity. Individuals who exited voluntarily or due to contract expiry may still be eligible for the LGBT Impact Payment. The MOD states it is fully committed to recruiting and retaining in an inclusive way
Scottish Sun
2 days ago
- Scottish Sun
I'm fuming after spotting my neighbour's camera – it looks directly into my garden and records everything my kids do
Plus, what are your legal rights if this happens to you CAM ON NOW I'm fuming after spotting my neighbour's camera – it looks directly into my garden and records everything my kids do Click to share on X/Twitter (Opens in new window) Click to share on Facebook (Opens in new window) A WOMAN was left fuming after claiming her neighbour has installed a camera in their window which looks directly into her garden. The mum said she was especially concerned as her kids play in the garden in full view of the alleged recording device. Sign up for Scottish Sun newsletter Sign up 1 A woman claimed her neighbour is 'filming' into her garden The woman claimed: 'He's now recording me. 'I can't cope. 'He's watching my kids, this is enough.' She didn't share whether or not she had already confronted her neighbour, but people were quick to chime in with their views on the video. Many people urged her to report the neighbour to the police, with some calling it a privacy violation. However, another said: '2 sides to every story.' The person replied: 'I don't do anything that untoward, I get anxious with confrontation. 'Next door go to sleep at 10, I respect that and make sure my house is in bed too cos not to make any noises! They scare my [sic] I'm alone with 3 small kids!' WHAT ARE YOUR RIGHTS? It's typically not illegal for a neighbour's security camera to capture images beyond their property boundary, but it can be intrusive and raise privacy concerns. If your CCTV footage captures images beyond your property boundary then you are subject to the data protection laws. Your kids are breaking law if they kick their ball over neighbour's fence, High Court rules after couple sued next door Legal experts say you will be regulated under the General Data Protection Regulation and the Data Protection Act. You may be familiar with this when it comes to websites storing your data or companies sending you emails. Joanne Ellis, a partner at Warrington-based solicitor Stephensons, said if CCTV being captured falls outside of a homeowner's property boundaries, the person capturing the CCTV becomes a data controller. This creates a set of responsibilities for the CCTV owner. The person captured has a right to be told a CCTV system is being used and what information is being recorded. Ellis said a subject access request can be made if a neighbour refuses to do this. She said: "You can ask for the footage captured of you to be deleted - but it can be refused if there is a legitimate reason to keep it such as it captures a burglar. "Any third parties that the CCTV is disclosed to, such as police and insurers, are also obliged to process the footage in accordance with the rules." CAN YOU REFUSE TO BE FILMED? Ellis said that a neighbour can request they are not captured on CCTV, but this might not be granted if the filming complies with regulations. The CCTV owner must also process data in a lawful and transparent manner and only for specified and legitimate purposes. Ellis said: "In a domestic context, this is usually to deter or record burglaries or theft. "If the CCTV footage for example covers a potential entrance or exit and is not too intrusive for the neighbour the use is likely to be considered legitimate." As always with disputes, Ellis said, the best course of action is to speak with the neighbour, voice your concerns and try to reach agreement. If that fails it may be worth taking legal advice, but this can be pricey.
Canada Standard
2 days ago
- Business
- Canada Standard
How Eurostack could offer Canada a route to digital independence from the United States
The contemporary internet has been with us since roughly 1995. Its current underlying economic model - surveillance capitalism - began in the early 2000s, when Google and then Facebook realized how much our personal information and online behaviour revealed about us and claimed it for themselves to sell to advertisers. Perhaps because of Canada's proximity to the United States, coupled with its positive shared history with the U.S. and their highly integrated economies, Canada went along for that consumerist ride. The experience was different on the other side of the Atlantic. The Stasi in the former East Germany and the KGB under Josef Stalin maintained files on hundreds of thousands of citizens to identify and prosecute dissidents. Having witnessed this invasion of privacy and its weaponization first-hand, Europe has been far ahead of North America in developing protections. These include the General Data Protection Regulation and the Law Enforcement Directive, with protection of personal data also listed in the European Union's Charter of Fundamental Rights. Canada clearly took too much for granted in its relationship with the U.S. Suddenly, Canada is being threatened with tariffs and President Donald Trump's expressed desire to make Canada the 51st American state. This has fuelled the motivation of Canada both internally and in co-operation with western European governments to seek greater independence in trade and military preparedness by diversifying its relationships. Prime Minister Mark Carney has begun promoting "nation-building projects," but little attention has been paid to Canada's digital infrastructure. Read more: How Canadian nationalism is evolving with the times - and will continue to do so Three recent developments suggest Canada would be well-advised to start paying close attention: 1. The current U.S. administration has raised concerns about its reliability as a partner and friend to Canada. Most of the concerns raised in Canada have been economic. However, Curtis McCord, a former national security and technology researcher for the Canadian government, has said the current situation has created vulnerabilities for national security as well: "With Washington becoming an increasingly unreliable ally, Mr. Carney is right to look for ways to diversify away from the U.S. But if Canada wants to maintain its sovereignty and be responsible for its national security, this desire to diversify must extend to the U.S. domination of Canada's digital infrastructure." 2. Silicon Valley is exhibiting a newfound loyalty to Trump. The photo of the "broligarchy" at Trump's inauguration spoke volumes, as their apparent eagerness to appease the president brings the data gathered by the internet's surveillance-based economy under state control. 3. Trump's recent executive order entitled "Stopping waste, fraud and abuse by eliminating information silos" is alarming. The order became operational when the Trump administration contracted with Palantir, a company known for its surveillance software and data analytics in military contexts. Its job? To combine databases from both the state and federal levels into one massive database that includes every American citizen, and potentially any user of the internet. Combining multiple government databases is concerning. Combining them with all the personal data harvested by Silicon Valley and providing them to a government showing all the hallmarks of an authoritarian regime sounds like Big Brother has arrived. Civil liberties groups such as the Electronic Freedom Foundation, academics and even former Palantir employees have raised alarms about the possibilities for abuse, including the launch of all the vendettas Trump and his supporters have pledged to undertake. European governments have attempted to rein in Silicon Valley's excesses for years. Trump's re-election and his moves toward potentially weaponizing internet data have further boosted Europe's resolve to move away from the U.S.-led internet. One newer effort is Eurostack. A joint initiative involving academics, policymakers, companies and governments, it envisions an independent digital ecosystem that better reflects European values - democratic, sovereign, inclusive, transparent, respectful of personal privacy and innovation-driven. Spokesperson Francesca Bria explains the "stack" arises from the idea that a digitally sovereign internet needs to have European control from the ground up. That includes the acquisition of raw materials and manufacture and operation of the physical components that comprise computers and servers; the cloud infrastructure that has the processing power and storage to be operational at scale; the operating systems and applications that comprise the user interface; the AI models and algorithms that drive services and its policy and governance framework. Prospective gains to Europe are considerable. They include greater cybersecurity, promoting innovation, keeping high-end creative jobs in Europe, promoting collaboration on equitable terms and creating high-skilled employment opportunities. Canada receives no mention in the Eurostack proposal to date, but the project is still very much in the developmental phase. Investment so far is in the tens of millions instead of the billions it will require. Canada has a lot to offer and to gain from being part of the Eurostack initiative. With the project still taking shape, now is the perfect time to get on board.
Canada News.Net
2 days ago
- Business
- Canada News.Net
How Eurostack could offer Canada a route to digital independence from the United States
The contemporary internet has been with us since roughly 1995. Its current underlying economic model - surveillance capitalism - began in the early 2000s, when Google and then Facebook realized how much our personal information and online behaviour revealed about us and claimed it for themselves to sell to advertisers. Perhaps because of Canada's proximity to the United States, coupled with its positive shared history with the U.S. and their highly integrated economies, Canada went along for that consumerist ride. The experience was different on the other side of the Atlantic. The Stasi in the former East Germany and the KGB under Josef Stalin maintained files on hundreds of thousands of citizens to identify and prosecute dissidents. Having witnessed this invasion of privacy and its weaponization first-hand, Europe has been far ahead of North America in developing protections. These include the General Data Protection Regulation and the Law Enforcement Directive, with protection of personal data also listed in the European Union's Charter of Fundamental Rights. Canada clearly took too much for granted in its relationship with the U.S. Suddenly, Canada is being threatened with tariffs and President Donald Trump's expressed desire to make Canada the 51st American state. This has fuelled the motivation of Canada both internally and in co-operation with western European governments to seek greater independence in trade and military preparedness by diversifying its relationships. Prime Minister Mark Carney has begun promoting "nation-building projects," but little attention has been paid to Canada's digital infrastructure. Three recent developments suggest Canada would be well-advised to start paying close attention: 1. The current U.S. administration has raised concerns about its reliability as a partner and friend to Canada. Most of the concerns raised in Canada have been economic. However, Curtis McCord, a former national security and technology researcher for the Canadian government, has said the current situation has created vulnerabilities for national security as well: "With Washington becoming an increasingly unreliable ally, Mr. Carney is right to look for ways to diversify away from the U.S. But if Canada wants to maintain its sovereignty and be responsible for its national security, this desire to diversify must extend to the U.S. domination of Canada's digital infrastructure." 2. Silicon Valley is exhibiting a newfound loyalty to Trump. The photo of the "broligarchy" at Trump's inauguration spoke volumes, as their apparent eagerness to appease the president brings the data gathered by the internet's surveillance-based economy under state control. 3. Trump's recent executive order entitled " Stopping waste, fraud and abuse by eliminating information silos" is alarming. The order became operational when the Trump administration contracted with Palantir, a company known for its surveillance software and data analytics in military contexts. Its job? To combine databases from both the state and federal levels into one massive database that includes every American citizen, and potentially any user of the internet. Combining multiple government databases is concerning. Combining them with all the personal data harvested by Silicon Valley and providing them to a government showing all the hallmarks of an authoritarian regime sounds like Big Brother has arrived. Civil liberties groups such as the Electronic Freedom Foundation, academics and even former Palantir employees have raised alarms about the possibilities for abuse, including the launch of all the vendettas Trump and his supporters have pledged to undertake. European governments have attempted to rein in Silicon Valley's excesses for years. Trump's re-election and his moves toward potentially weaponizing internet data have further boosted Europe's resolve to move away from the U.S.-led internet. One newer effort is Eurostack. A joint initiative involving academics, policymakers, companies and governments, it envisions an independent digital ecosystem that better reflects European values - democratic, sovereign, inclusive, transparent, respectful of personal privacy and innovation-driven. Spokesperson Francesca Bria explains the "stack" arises from the idea that a digitally sovereign internet needs to have European control from the ground up. That includes the acquisition of raw materials and manufacture and operation of the physical components that comprise computers and servers; the cloud infrastructure that has the processing power and storage to be operational at scale; the operating systems and applications that comprise the user interface; the AI models and algorithms that drive services and its policy and governance framework. Prospective gains to Europe are considerable. They include greater cybersecurity, promoting innovation, keeping high-end creative jobs in Europe, promoting collaboration on equitable terms and creating high-skilled employment opportunities. Canada receives no mention in the Eurostack proposal to date, but the project is still very much in the developmental phase. Investment so far is in the tens of millions instead of the billions it will require. Canada has a lot to offer and to gain from being part of the Eurostack initiative. With the project still taking shape, now is the perfect time to get on board.
