BladeSec IA Logo

Introduction

CLAS Consultancy
CESG Certified Professionals
CESG Certified Cyber-Security Consultancy

Company Information

Company profile
Certifications and qualifications
News and comment <
Why choose BladeSec IA?
References

Products and Services

Typical work
Specific highlights

Domestic Travel Advice

Website

Contact us
Terms and conditions
Privacy statement
 

Latest news and comment.

Comment: 2019/06/06 - The 75TH Anniversary of Operation Neptune (D-Day).
We shall never forget the acts of bravery by ordinary men and women....

Comment: 2019/05/30 - Who watches the watchmen?
BladeSec IA's Professionalism and Integrity Policy is pretty clear on a few things. We have very high expectations for our staff. We know that the level of intrusion they endure undergoing clearance, and extensive hours they work interfere with their personal lives significantly.

The converse of that is, however, we will provide the utmost support to look after them as they go through "life events" that are nothing to do with work.

One member of staff has had their identity abused massively by an organisation. That same organisation has shown a monumental disregard in addressing the issue. To that end we stepped in and now MacRoberts are representing the interests of that individual.

It is clear, however, that the ICO appears to be the mostly badly prepared organisation in the UK in terms of GDPR. As part of the support provided to the individual, we need the ICO to fulfil their role to uphold... data privacy for individuals (their words).

A complaint was submitted to the ICO on 22TH February and at the time of writing, it has still not been allocated to a case officer. To put this into perspective, this is the second complaint made against this particular organisation as they had failed to fulfil appropriate remediation for the previous complaint. The ICO states that it expects to be able to allocate it to a case officer in four weeks, "at the earliest".

It does raise the interesting issue of who is liable if the organisation has deleted the information being sought as part of a normal document retention policy or other proper data governance activity?

Frankly, this clearly suggests to me that the the ICO were massively unprepared for the impact GDPR would have and it's wholly unacceptable. Perhaps they should stick to priorities within their defined legal framework.
--
The above comment represents the personal views of a director of BladeSec IA Services, Ltd., and not the views of the organisation itself.

News: 2019/05/22 - Now serving HTTPS.
The eagle eyed readers of this website will notice that we've got a redirection in place, enforcing web delivery over HTTPS.

It's taken us a long time to do it as there was simply no reason for it. We don't host any sensitive material, provide any e-commerce solutions, authentication or other activity that would warrant HTTPS. In the end, we thought we would - simply so that Chrome and Firefox would stop saying, "This site is insecure". It's not, but it is a poor choice of words by Google and Mozilla.

So we've gone the whole hog, and opted for a validated GeoTrust True BusinessID certificate. It's a slightly odd blurring between the logical and physical words, as they will only issue the certificate after they've validated a few real-world facts such as phone number, address and contact details.

We hope you enjoy the TLS encrypted good-ness!

Comment: 2019/05/20 - Niki Lauda, 1949 to 2019.
In the day of modern Formula 1, it's only fitting that we take a while to reflect on the Austrian racing driver Niki Lauda and his bravery, honour, ability and knowledge.

News: 2019/05/10 - ScotlandIS Digital Technology Award.
Last night, BJSS and Disclosure Scotland won the Innovation in the Public Sector award.

For over eleven years, BladeSec IA Director, Owen Birnie has been the Lead Accreditor at Disclosure Scotland, and held responsibility for signing off the security of the Transformation Programme. Whilst he is very aware that he is a single cog in a very complex machine, he's also aware that DS held onto the coat tails of many clever people at AWS, the Home Office and NCSC.

And to top it all, Owen had a previous engagement in London with friends from the intelligence and security community when the news came in. Sadly, the Munich Cricket Club was too busy, and the Chinese Buffet no longer served a buffet. Whilst they were scenes of interesting historical events to the group, a small libation was consumed at The Red Lion in Whitehall in celebration.

Comment: 2019/05/02 - Peter Mayhew, 1944 to 2019.
People know what affect Star Wars had on the young, Owen. It's only fitting that we take a moment to remember the man who gave Chewbacca his warmth and humanity.

Comment: 2019/04/27 - Second hand hard drives.
It's been a while since I saw a report concerned with the recovery of data from second hand computer storage media. Blancco are reporting that individuals still don't know how to protect material on second hand computer equipment.

They assert that from 159 hard drives purchased from an on-line auction site, 67 devices had material that was easily discoverable to anybody with basic IT skills. The interesting part of the investigation was that as part of the purchasing process, Blancco claimed that each seller asserted that the device had been blanked properly.

Most alarmingly, is the material that Blancco say they recovered....

People need to be aware of Darik's Boot and Nuke which is free for personal use.

Comment: 2019/04/26 - CyberUK.
In the face of the alleged leak of material from the National Security Council, staff from BladeSec IA attended CyberUK where the FIVE EYES were meeting in public in the UK for the first time.

As with all these types of events, it's catching up with old friends that makes them. At the other end of the scale, was the fact that many of the streams were too busy even for "standing room only" with poorly laid out rooms.

Perhaps more interesting was the security incident that one of our Director's noticed that several hundred people missed, and were affected by it!

Comment: 2019/04/15 - Notre-Dame de Paris.
Avant de connaître Paris, je connaissais Notre-Dame. Je me souviens d'avoir regardé une très ancienne version de "Le Bossu de Notre-Dame" avec mon père. C'était un dimanche après-midi pluvieux à Stornoway.

Même enfant, j'étais surpris par l'ampleur et la beauté de "la vieille dame de Paris". Je ne suis pas religieux, mais les images du feu m'attristent. Je ne connaissais que légèrement Notre-Dame et je ne peux pas imaginer ce que signifie le feu pour les gens qui y vivent et y travaillent.

Comment: 2019/04/11 - Julian Assange removed from Ecuadorian Embassy.
Mr. Assange is a polarising character and we're not going to go into the intricacies of that. There cannot be a single individual involved in government or criminal justice who won't be interested in what's to come.

Comment: 2019/03/16 - New Zealand terrorist attack.
To our friends in New Zealand... we are not afraid....

Comment: 2019/01/14 - Credit Reference Agencies.
I have to confess that they bother me. They hold data on you, largely collected without your permission, and are under no obligation to keep that data accurate and up-to-date.

No doubt they would argue to the contrary, but my own circumstances to not align to that. Also the fact that they then charge people to monitor the accuracy of their own data by selling "identity theft protection", is not lost on me.

I had to laugh. I had clearly booked a Starwood Hotel many, many years ago. They told me that they'd lost a big chunk of fairly important data and were still able to e-mail to tell me this. I reckon that I've had about two dozen credit and debit cards in the time since I made that booking. Some will have been new, and some will be reissues.

However, those nice people at Marriott have paid for some form of identity theft protection for a year, so I clicked the button to sign up. And then I realised that they were going to take the data I gave them to confirm my identity and ship it outside the EU. I mean, really? I appreciate that it doesn't make something bad, but it does erode your confidence in something you have no confidence in anyway.

News: 2019/01/11 - Network failure - Resolved.
Everything's back up and working normally and first impressions are that it does appear that nobody noticed our outage at all. Wish we could say the same for the two that were were working in the shed. Their desire for rock had to be fulfilled by MP3s rather than Planet Rock.

News: 2019/01/10 - Network failure.
The DSL here in the Security Cart Shed has gone down and we're currently operating on backup connectivity. Everything appears to be working well, but we're monitoring the situation. No ETA for a fix as yet.

Comment: 2019/01/01 - Happy New Year!
I confess that I was away when the clock ticked over into 2019, so I'm writing this slightly late. Whilst this marks the point that BladeSec IA would celebrate it's seventh anniversary, this year will be different.

I'm honoured and humbled to be on the Isle of Lewis, sharing it with the 100TH anniversary of the Iolaire Disaster. For that reason, we're not going to take our usual tongue-in-cheek look back at the year.

Some things are more important.


Click here for older News & Comment.