fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Chrome Use Subject to Restrictions in Dutch Schools Over Data Security Concerns

Chrome Use Subject to Restrictions in Dutch Schools Over Data Security Concerns

The Dutch Ministry of Education has decided to impose some restrictions on the use of the Chrome OS and Chrome web browser until August 2023 over concerns about data privacy.

The officials worry that Google services collect student data and make it available to large advertising networks, who use it for purposes beyond helping education.

Since the national watchdog doesn’t know where or how the students’ personal data is stored and processed, there are concerns about violating European Union’s GDPR (General Data Protection Regulation).

Netherland’s Minister of Education and the Minister of Primary and Secondary Education have co-signed a letter to the Dutch parliament where they describe a range of cybersecurity and data protection matters.

The letter explains that conversations were held with Google, Microsoft, and Zoom, on the sensitive matter of data protection, and assurances were given to make future versions of software products more transparent and compatible with data protection regulations enforced across the EU space.

Also Read: 5 Best practices for protecting corporate data when an employee leaves

In the case of Google, the tech giant promised that new versions for the Chrome web browser and the Chrome OS would be ready by next year, so some usage restrictions apply until then, when the Dutch regulator will make a new assessment.

Educational institutes and schools that wish to continue using Google services in the meantime will have to perform additional actions as described in the SURF guidelines.

These actions include implementing specific Group Policies and disabling services like automatic website translation and spell checks that can leak user data away from Europe.

Also, the geographical location for data storage of the Google Cloud service must be set to Europe, and users need to be restricted from changing the setting.

Finally, ad personalization must be set to “off”, YouTube embedding must be used with ‘privacy-enhanced mode’, and the Google Search engine must be avoided altogether.

Other cases of data privacy concerns

Google’s services have raised multiple concerns across Europe, about data privacy and the opaque data collection practices behind them.

Also Read: The necessity of conducting penetration testing and vulnerability assessment

In January 2022, Austria’s data protection authority decided that using Google Analytics violates GDPR, because collecting website visitors’ data was done with the the users’ specific consent and transferred outside Europe.

The French data protection office (CNIL) followed suit with a similar decision in February 2022, and later warned Google that minor changes won’t reverse the decision.

This month, the Danish DPA imposed a ban on the use of Google Workspace and Chromebooks in one of the country’s municipalities, Elsinore, criticizing the uncontrolled data transfers to third countries.

Update July 23: A member of the Google Netherlands Communications team has informed BleepingComputer that Chrome and Chrome OS are not banned in the education sector of the country, and that schools may continue using them provided that they perform certain actions themselves to strengthen data security and ensure student privacy.

All education institutes in the Netherlands that wish to continue using Google services are expected to implement these additional data protection measures until Google updates its products as agreed, in 2023.

Note: The article body and title have been updated to clarify that the Dutch Ministry of Education did not ban Chrome OS and the Chrome browser for educational use.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us