John Lawlor

I read this very interesting review of Siri Assistant on Mashable, one of my favourite Social Media guides and review sites. Siri Assistant is a personal assistant on your iPhone and can help you find restaurants, movies, etc; book taxis; discover events in your area, and much more. It uses voice recognition technology to interpret your commands and turn them into intelligent web searches and services. It can find services based on your location and also uses the context of your current search to bring you other relevant information. If you have already subscribed to services that Siri partners with, it can use your credentials with those services to offer you tailored solutions. It looks very impressive indeed.

I really like my iPhone and was very anxious to download the application. However, I was disappointed to discover that the application is not yet available in the Irish App store.

It appears that it is not available in other App Stores either, including Australia and Canada, so at this stage it must only be available in the USA. I tried to open an account in the USA store but needed a credit card with a USA billing address. Since I didn’t have one, I was brought back to the Irish App Store – back to square one!

Siri Assistant works with over 30 partners in the USA and I expect that this is the reason that it has not been rolled out in other countries yet, while parter agreements are being put in place. With the Irish market being so small, I wonder when we will see applications like this available here.

The application looks very powerful and here is a short Youtube video that demonstrates its features.

If anyone knows how to get the App for an iPhone in Ireland, I’d appreciate your help. Or if you know of other similar applications, why not leave a comment and let me know.

Share on Facebook

The following email was issued by the Senior Lecturer on Sunday 10 January 2010:

“In view of the deteriorating weather conditions and the expected snowfall
in Dublin all examinations scheduled for Monday 11th January 2010 are
postponed.

Further details will be published on http://www.tcd.ie as soon as possible.
We regret the inconvenience that this will cause but feel it is the best
course of action in the current circumstances.

Dr. Aileen Douglas
Senior Lecturer”

The link to the alert on the TCD website is here.

Please re-post and share to ensure that candidates are aware of the postponement.

Share on Facebook

Congratulations once again to Trinity College Dublin for increasing its ranking in the latest Times Higher Education-QS (THE-QS) world university rankings to 43rd in the world, up six places from last year. The college is now ranked 13th in Europe. Once again, this is a great achievement by Trinity and reflects its continuing pursuit of excellence.

In a post on the TCD website, TCD Provost, Dr John Hegarty said: “Our stated ambition was to be at the front rank of world universities and among the top 50 globally.  We have achieved that in a relatively short period of time and this year’s ranking of 43rd place has surpassed that original goal”.

He added, “Such a high ranking is an outstanding achievement for Trinity and reflects the quality of our undergraduate and postgraduate teaching and programmes, the high recognition by employers of our graduates across the world, and our reputation for excellence in research and scholarship by our international peers”.

Well done to all at Trinity.

Share on Facebook

We’ve recently launched our new website, which provides a bright new look at the services we provide; useful information for staff, students and visitors; details of our current and recent projects; contact information; news items; status alerts, etc.

You can also follow us on Twitter and get the latest alerts and news from IS Services.

Why not take a look and let us have your comments and feedback.

Share on Facebook

The Twittersphere was loaded tonight with Tweeters complaining about a major failure in Eircom’s DNS service. I have been having ongoing problems with Eirom, which is one of Ireland’s main ISPs, and have little satisfaction in getting my problems resolved. It is clear from tonight’s events that I am not alone. I had to rely on O2’s mobile broadband service for much of the evening.

Thanks to a number of Tweeters, I was referred to OpenDNS, which is a provider of free security and infrastructure services that make the Internet safer through integrated Web content filtering, anti-phishing and DNS. I had to sign up for a free account, which was very easy to do and took just a few minutes. Once this was done, I changed the DNS entries in my broadband router and I was up and running on the web again.

I am still looking forward to the day when I can dispense with Eircom’s “service” all together.

What has your experience with Eircom’s broadband service been? Leave a comment and let me know, though I expect I already know the answer.

Share on Facebook

I discovered this great programme from Evernote over the weekend. Available in both free and premium editions, it enables users with an Evernote account to store snippets of information, thoughts, pictures, documents, etc on the web. I regularly write notes and post-its to myself but often lose, mislay or simply forget about them. With Evernote, all those notes can now be stored simply and conveniently in one place on the Web for later processing. It is also possible to share your online notes with other Evernote users.

The service is available on a wide range of platforms, which is one of its most attractive features. There is a client for Windows and Mac, a version for the iPhone and other smartphones, a browser service and an email service. This means that it is pretty easy to capture and store a note, picture or document on any device no matter where you are. I tried to install it on my Blackberry but had problems with the Blackberry software. However, it was not a problem, as there is a mobile web version as well and the email service can be used with equal convenience.

The free service is pretty generous. It gives 40Mb of storage a month, which should be plenty to capture and store short notes or a few pictures. You can later move them into your preferred tool or system, or delete them when you have dealt with them. The subscription service costs $5 per month or $45 per year and gives 500 Mb of storage, more options and added security. I’m going to stick to the free service for the moment and see how it goes.

So why not check it out and if you like it, leave a comment and let me know.

Share on Facebook

ActiveWords, is a computer desktop productivity tool that automates many common activities that users perform every day. As you type, ActiveWords logs each word, even if a text editor is not being used. Once the appropriate function key (F8) is pressed, the action associated with that key word is performed. Actions can be any of the following:

• Substitute text
• Launch a programme
• Open a document
• Navigate to an Internet site
• Send an email
• Open a folder
• Run a script.

This is a great time saver and I have become a fan already. It cuts out a lot of pointing and clicking and makes life on the desktop just that little bit easier.

I use the keyword “outlook”, followed by F8 to open Outlook. I email several people regularly and by associating a keyword with them, in seconds I can open up a new Outlook email already addressed to them. I also use a few documents regularly and a short keyword opens each of them for me. There are a number of add-ons available for the product that are quite useful. These provide pre-defined keywords and menus for use with popular Internet services such as Google, MSN and Yahoo.

At the moment, I understand that ActiveWords is only available for the Windows platform.

You can download a free 60-day trial from the ActiveWords website. I was very pleased, shortly after downloading the programme, to be contacted by Buzz Bruggeman, one of the owners of the business, offering to go through the programme with me on a Skype call. Now that’s what I call service!

So why not check it out and if you like it, leave a comment and let me know.

Share on Facebook

I had not intended this blog to become a security-related publication, or one dealing exclusively with theft of laptops and storage media. But there is certainly a trend developing; let’s hope it does not last.

Following on from yesterday’s post, and from my post of 24 August 2008, we learn today from a report on RTE, Ireland’s national broadcaster, that a laptop computer containing  the records of some 75,000 customers of Bord Gais Eireann (BGE – the Irish Gas Board) was was one of four stolen on 5 June 2009, although news of the theft was only released today, 17 June 2009. The records relate to customers who signed up for the BGE “Big Switch” campaign, which encouraged them to move their account for electricity supply from the Electricity Supply Board (ESB) to BGE. Like previous incidents, data on this laptop was reported not to have been encrypted.

This time it’s personal, as I have been potentially affected by this latest security failing.

It appears to me that many (I suspect a very, very large number) organisations that process personal information simply do not take the issue of electronic data security and data privacy seriously enough. Throughout the world, we learn regularly of significant breaches of customer confidentiality. As  I wrote in my August 2008 post, many of these incidents occur through the failure to manage portable devices and removable media effectively. But there is also a lack of appropriate polices, procedures, practices, guidelines and controls. Indeed, in many organisations, there appears to be little or no attention paid to security at all, except for template procedures and documents.

The 2008 Annual Report of the Irish Data Protection Commissioner provides information on the top ten threats to individual privacy as identified by his staff. The unscientific list represents perceptions of Commission staff of the major threats to privacy at the close of the year 2008, based on the queries and issues they deal with on a day to day basis. The top ten threats are identified as follows:

1. Failure of organisations to have even the most basic protocols in place to minimise the loss of customer and employee data.
2. Continued lack of proper procedures in public and private sector bodies to limit access by their employees to personal data on a ‘need to know’ basis.
3. Failure to take due account of the legitimate privacy expectations of members of the public when moving towards greater efficiency of public services.
4. The tendency of new legislation to seek ever more personal data from the public and the sharing of that data between organisations without (in many cases) any real business case to justify such sharing.
5. Criminals using increasingly sophisticated methods to part individuals from their personal data for criminal and fraudulent use.
6. The extended use of the Personal Public Service Number (PPSN). This is the number given to each citizen by the Government to identify them when they interact with public bodies. More and more services seek to use this identifying number, often without any credible justification.
7. Publication and availability of excessive personal data on the internet (sometimes placed there by the individuals themselves on social networking sites etc).
8. Continued lack of awareness among data controllers of their data protection obligations.
9. Indifference on the part of data controllers to the consequences of their actions when they deliberately and persistently refuse to respect the data protection rights of their customers.
10. Continued lack of awareness on the part of members of the general public (who, as a result, give away their personal information too easily, don’t ask why personal information is needed or fail to ‘tick the box’ to say that we don’t want to be contacted).

BGE issued a short press release advising that it had promptly informed the Irish Police and the Data Protection Commissionerof the theft and that it will be contacting all affected customers. However, since there has been almost a two-week lag between the occurrence of the theft and the issue of the press release today, it is possible that customers’ financial or other personal information could have already been compromised. This is simly not good enough. It is no good doing things right (if you can call a two week delay in advising affected customers “right”) after an incident has occurred; appropriate steps must be taken to ensure that such incidents do not occur in the first place and that, if they do, the risk to information security is minimised or removed entirely. Time will tell whether the “risk assessment” referred to in the BGE statement led them to a correct decision not to advise customers sooner; I hope they got that right.

Organisations must take serious steps to improve security now. Some of the steps they take might include:

• Raising security awareness among all staff and providing appropriate training.
• Assigning responsibility for information security to the right people, not just to the IT department.
• Implementing appropriate and effective security policies, procedures and practices.
• Implementing adequate and effective information security controls and risk management systems.
• Carrying out regular audits of information security practices.
• Encrypting data on laptops, portable devices, tapes, removable storage and other vulnerable media.
• Implementing appropriate controls over removable media and devices.
• Introducing strict penalties for staff who breach security requirements including, for serious breaches, dismissal.
• Revisiting my post of August 2008 for further information on information security.
• Visiting the web site of the Irish Data Protection Commissioner, which is full of good information on information security.
• Reading the 2008 Annual Report of the Data Protection Commissioner, which is an excellent document and gives an overview of the activities of the Commissioner and provides information on prosecutions, investigations, summary data, etc.

Organisations and individuals must realise and accept that information security is not an issue for the IT department alone; it is a business issue and needs to be treated as such. Staff who use laptops, portable devices and removable media must understand that it is their responsibility, not the IT department’s, to keep data safe. And basic security, like locking these devices away or securing them appropriately, as well as encrypting them, must become the norm, not the exception.

Under Irish Data Protection Legislation, penalties for breaches of the law can be severe and encompass both civil and criminal proceedings, fines and forefeiture and destruction of equipment. Bodies corporate and individuals are subject to the provisions of the legislation. Fines of up to 250,000 euros can be imposed. Maybe it is time that fines of this magnitude were imposed. Without tough enforcement, I fear that breaches of the law and loss of personal data will continue to occur.

Kevin Kehoe, who I thank for commenting on my previous post, mentioned that organisations need to assess their appetite for risk. Perhaps it is time to dampen that appetite dramatically and, when it comes to handling the personal private information of customers, staff, prisoners, benefit applicants, etc, accept that no appetite for risk at all is the desired attitude to have.

If you have been affected by the BGE failing and feel strongly enough about the matter to complain, you can get all the information you need to make a complaint from the Data Protection Commissioner’s website.

What do you think? Are you concerned at how easily and how often personal private information is stolen, disclosed or otherwise compromised? Have you been personally affected by a breach of your privacy? Have you lost money or suffered other negative consequences? Have you been responsible for a breach of data security?

Leave a comment and let me know.

Share on Facebook

I wrote about this topic on 24 August 2008 in relation to the loss of data about people who became involved with state agencies. I suppose it is hardly surprising that the same issue has happened again. In this most recent case, the Irish Health Service Executive (HSE) lost about 15 laptop computers, which were stolen from their offices in Roscommon Town. RTE, Ireland’s national news broadcaster, reports that, while information on 13 of the laptops has been encrypted, what is described as confidential information on one of the other two machines is accessible to anybody in possession of the laptops. The HSE is reported to have said that it ‘is satisfied that there was no identifying information in relation to patients or clients on one of the non-encrypted laptops.’

The truth is, of course, that the HSE cannot make this statement with any confidence, unless they subject their laptops, removable devices, and other storage media to continuous audit and stringent data management policies and controls, which, I suggest, is highly unlikely. In my opinion, there is as much probability of confidential information being stored on any of those laptops as not. The HSE probably has no way of knowing one way or the other; if it does, it should be required to produce the evidence in public immediately.

The ubiquity, portability and ease of use of laptop computers and other removable storage devices make the occurrence of theft and data loss almost inevitable. Indeed, I am sure that I could probably be found wanting myself in this regard, despite the fact that I advise, consult and speak on the topic of information and data security from time to time. As it happens – and this is merely because of the nature of my work – I do not need to store personal private information on my machine. However, I suspect that, on any of my computers or storage devices, there probably lies an old email, an old file, or a stored chat session that related to some private information. Simply put, it is dangerous in the extreme to believe that private information might not be stored on any electronic device. Therefore, the utmost precautions should be taken in all cases and at all times.

It is really time that all people who are in control of personal private information, whether in the public or private sectors, took this issue seriously and started taking immediate, practical and effective steps to secure the data they store and control. It might well be worth reading my previous article again, where I provided advice and guidance on how to improve data security.

What are you doing about information and data security in your organisation? Do you think data processors and data controllers are taking enough care of personal private data?

Leave a comment and let me know.

Share on Facebook

Trinity College Dublin has en extensive wireless network with over 600 wireless access points (WAP).  This network, which is managed by Information Systems Services, enables the college to offer a variety of services including a self-service network admission control system (NAC) for the student community, a secure 802.1x based staff network, a commercial quality guest wireless service, integration with the international Eduroam service, integration with a commercial ISP guest service, and support for various college research initiatives.

To further enhance the management of the system and delivery of service to our staff and students, we now wish to migrate to a wireless switch/controller based solution using light weight wireless access points (LWAP). This solution will enable us to deliver an advanced mobility infrastructure that will include:

• High performance Voice over WLAN (VoWLAN)
• Advanced security and encryption capabilities
• Dynamic RF management
• Multiple broadcast, virtual wireless networks
• Ease of deployment
• Cost effective management
• Simplified guest networking options.

We’ve published a tender recently on the Irish Government’s etenders website. The closing date for submission of tenders is 24 June 2009. Take a look if you are interested in this opportunity or in other opportunities from Trinity College.

Note that this blog post is NOT an official tender notice or invitation to tender; please go to the etenders website for the tender notice and documentation. The etenders website is designed to help buyers and sellers to find and publish tender notices on government and public sector procurement across Ireland.

Share on Facebook