Evolveum: Introducing midPrivacy Initiative

Introducing MidPrivacy Initiative

Ladies and gentlemen, please welcome midPrivacy, our data protection initiative. Identity management and data protection go hand in hand, one cannot really reach its full potential without the other. However, most identity management systems were a bit short on the data protection side. Therefore we have decided that it is the right time to do something about it. […]

Data Provenance and IDM solution midPoint

Plans for Data Provenance

Today is a Data Protection Day, which is a very symbolic day for midPoint. We are taking data protection and privacy very seriously. We believe that privacy in the cyberspace is necessary for the free society to flourish. Despite such belief, we acknowledge the implementation of privacy and data protection may not be easy. But we are not afraid of challanges. We are fully committed to implement privacy and data protection features in midPoint. […]

Evolveum: IT security threats in 2018

IT security threats in 2018: are you ready for them?

2017 was a really great year. For hackers. Many of us heard about WannaCry and NotPetya that took down over 300,000 computers across the world, including the UK’s National Health Service or government agencies in Ukraine. CCleaner, a utility program millions of Windows users rely on to clear potentially unwanted files off their PCs, got hit by a malware. The installer was patched to remove the malware, but only after over 700,000 machines were already infected. […]

Evolveum - GDPR, lawful basis

Lawful basis Part I.

On the way to the practical side of the GDPR we need to recognize reasons for processing the personal data, officially known as lawful basis. It has been long time since the data processing had been uncontrolled. You have needed lawful basis since the directive had come into effect, but under the GDPR there is Read more about Lawful basis Part I.[…]

Evolveum - Data Privacy Day 2018

How to stay safe online: tips and advice

We live in a fast evolving world. We surround ourselves with the technology to make our life easier every day. While in the past it would cause a great amusement, today we don’t even blink an eye when seeing someone hanging on their device, being online at any place, any time. The Internet became a Read more about How to stay safe online: tips and advice[…]

GDPR Lawful Basis Management

GDPR Lawful Basis Management

The first thing that most likely comes to the mind when people hear about GDPR is “consent”. That is understandable, as better part of the buzz around GDPR is about customer identities and digital marketing. But this emphasis on consumer identities is casting shadow on other aspects of GDPR that are at least as much important as consent. One of the aspects of GDPR is affecting much larger range of organizations than consent does. In fact almost every organization is affected by it. I’m talking about management of lawful bases for data processing. […]

GDPR - consent, part 2

GDPR – Consent part II.

Consent under the GDPR looks like really complex and complicated issue. Let’s see what we can already clearly explain. To achieve all stated requirements, you need to structure the consent granularly and give data subjects some options. Consent must be “specific”. Blanket consent without stating the exact purpose is not valid, but the GDPR does Read more about GDPR – Consent part II.[…]