data loss

Why human error is the biggest threat to data

If you think shady criminal cartels, blackmail attempts or straight-up hacking geniuses are the biggest danger to any data held about you online, then we have news for you – plain old human error accounts for far and away the most data breaches.

New research has revealed that human error continues to be the leading cause of data loss for organisations in the UK.

The Databarracks report, which was based on a survey of 400 senior IT workers, revealed that 24 per cent of organisations admitted to a data loss caused by employee accidents in the last 12 months, ahead of hardware failure (21 per cent) and data corruption (19 per cent).

This report comes hot on the heels of data released by the Information Commissioner’s Office earlier this year, which showed that 93 per cent of the 459 data breaches reported to the office in Q4 of 2014/15 could be put down to human error in some way.

It also follows a serious data breach by a London health clinic earlier this month which saw  the email addresses of hundreds of patients, many of whom are living with HIV, accidentally sent out publically to all recipients of a clinic newsletter.

Oscar Arean, technical operations manager at Databarracks, said: “Human error has consistently been the biggest area of concern for organisations when it comes to data loss. People will always be your weakest link, but having said that, there is a lot that businesses could be doing to prevent it, so we’d expect this figure to be lower.”

Interestingly, the Databarracks results weren’t fully consistent across all business sizes, with a breakdown revealing that in large companies, hardware failure led to most data loss, with 31 per cent of all cases up from 29 per cent in 2014.

Arean said: “This isn’t surprising as most large organisations will have more stringent user policies in place to limit the amount of damage individuals can cause.”

Arean goes on to suggest that SMEs should adopt more of a big business ethos when it comes to managing human error:

“The figures we’re seeing this year for data loss due to human error are too high (16 per cent of small businesses and 31 per cent of medium businesses), especially considering how avoidable it is with proper management. I think a lot of SMEs fall into the trap of thinking their teams aren’t big enough to warrant proper data security and management policies, but I would disagree with that.

“In large organisations, managers can lock down user permissions to limit the access they have to certain data or the actions they’re able to take – this limits the amount of damage they’re able to cause. In smaller organisations, there isn’t always the available resource to do this and often users are accountable for far more within their roles. That is absolutely fine, but there needs to be processes in place to manage the risks that come with that responsibility.

“Of course small organisations don’t need an extensive policy on the same scale that a large enterprise would, but their employees need to be properly educated on best practice for handling data and the consequences of their actions on the business as a whole. There should be clear guidelines for them to follow.”

So what does this mean for us and our data? While in an ideal world the individual would be at the centre of their own connected life in full control of their own data, it is unrealistic in our current world to hold all our data close to our chests when so many end users have or demand access to it.

So is it safe out there in the big, bad world? Yes, largely speaking, and the benefits to us in areas such as health of having our details instantly available to all medical services, for example, certainly outweigh the chances of being subject to a damaging data breach.

But it is certainly a sobering thought that, no matter how thorough the legislation governing data handling and the individual company policies in place, just one simple, human mistake can be enough to bring all that crashing down.


British spies want shorter and less secure passwords

If you thought the purpose of passwords was to be as strong as possible to give your information and accounts the best chance of being secure, Britain’s spies at GCHQ have news for you.

In a new document, Password Guidance – simplifying your approach (PDF), the organisation’s cyber director said that advice has moved on from previous guidance to make passwords stronger as a greater deterrant to hacking.

Now, the spy agency is suggesting IT managers help install systems that make passwords easier to remember. Yes, you did read that right.

The report claims that the average UK user has 22 different online systems that are password protected – clearly more than most people can remember – with the same supposedly safe password used to access around four of these.

It says the need to remember multiple passwords for different sites leads to unsafe behaviour, such as writing them down, duplication, or using simple or predictable passwords creation strategies.

But it also stresses that, crucially, the bottom line is that even following best practice guidelines (ie not doing any of the above) cannot guarantee keeping online services secure. Key loggers, phishing and interception are all cited as credible risks, with information about how to carry them out and the tools to do so easily discoverable on the internet.

In a foreword to the report, Ciaran Martin, Director General for Cyber Security at GCHQ (cool job title!) said: “Complex passwords do not usually frustrate attackers, yet they make daily life much harder for users. They create cost, cause delays, and may force users to adopt workarounds or non-secure alternatives that increase risk.”

It suggests that simplifying an organisation’s approach to passwords can reduce the workload on users, lessen the IT burden, and – crucially – “combat the false sense of security that unnecessarily complex passwords can encourage.”

It lists seven key steps that organisations (and individuals) can take to optimise system security, which are:

  1. Change all default passwords (well, durr)
  2. Only implement passwords when needed to minimise user overload
  3. Understand the limitations of user-generated passwords (tl:dr they encourage insecure behaviour)
  4. Except machine-generated ones have their own problems (tl:dr they’re difficult to remember)
  5. Prioritise admin, mobile and remote user accounts as these are more important/vulnerable
  6. Use account lockout and protective monitoring
  7. And, of course, don’t store passwords as plain text

Will seeming to be good, impartial advice, it’s worth remembering that this does come from the people who broke antivirus software so they could spy on people, so feel free to take it with a piece of salt if you are of a cynical disposition.

ad-blockers, apple, ios9, data, advertising

Why ad-blockers really aren’t the data privacy win you might think

Ad-blockers shot straight to the top of the paid-for apps list in the App Store when Apple’s iOS9 update that allowed users to block mobile advertising was released.

So far, so not unusual – ads are pesky little things, right? Popping-up unexpectedly when you least expect them and generally bloating pages, crucifying page load times and eating up data allowances. Not to mention their tracking qualities as well as the past searches and purchases that stalk you round the web, site after site, day after day. Nope, no redeeming features at all – let’s block them all.

Then something unexpected happened – Marco Arment, creator of the no1 paid ad-blocker Peace, pulled it from the store after just two days, saying that “success didn’t feel good”.

What exactly the problem is remains unclear, altrhough comments on the Instapaper’s founder’s blog where he talked of needing to find a “more nuanced, complex approach” offer some clues.

He added: “Ad blockers come with an important asterisk: while they do benefit a ton of people in major ways, they also hurt some, including many who don’t deserve the hit.”

What Arment seems to be alluding to is what Seth Godin termed the shared understanding that websites offer free content in return for attention. For most sites, advertising is what quite literally pays the content creation bills.

Of course, pages have become increasingly riddled with evermore intrusive ads over the past few years, and it’s hard not to see that the reader has been assailed from all sides. So the appearance of ad-blockers was only going to end one way. Or, as Godin put it: “In the face of a relentless race to the bottom, users are taking control, using a sledgehammer to block them all.”

But still the fact remains that readers and sites have been in a mutually-beneficial relationship where advertising has played a key role in funding content for which there is demand but no serious suggestion that users would pay the full creation cost. And that remains the case even as ad-blocking apps proliferate.

So if ad blocking is not the answer, what is? There is clearly change needed on both sides – advertisers needs to show self-restraint and not machine gun content over every page we open, while users need to understand that on the internet, as with so many things, we can’t simply have the good for free without giving something back.

But there also needs to be a fundamental shift in how we think about data. We don’t like these ads that follow us around, or trackers, because they feel like an assault on our privacy. Yet it is the information gained through this that allows businesses to begin to better target our wants and interests.

I say begin, as the data available to date is so thin and incomplete that it is estimated to be up to 30-50 per cent wrong, to the obvious detriment of both the business and user.

Imagine how much more beneficial for both sides a rich data set would be – useful data 100 per cent certified and licensed at source, used to target appealing ads back to that same user.

A vision for the future to be sure, but a vision that comes ever closer as the Internet of Me follows close on the heels of the Internet of Things, with companies like at the forefront of this digital revolution.

internet of things

What is the Internet of Things?

As the latest estimates claim the number of devices connected to the Internet of Things (IoT) will jump from 15 billion now to 50 billion in 2020, we look at what a connected world actually means.

What is the IoT? Well, at its most basic level, it is a network of devices fitted with data-capturing sensors that can connect to the internet, talking wirelessly to each other, applications – and indeed us. And these devices? They’re things in your home, things you wear, wearables such as Fitbit and the car you drive.

The phrase IoT has been in circulation for nearly a decade in technology circles, but only now with smart, connected devices such as thermostats and refrigerators, as well as driverless cars, becoming a reality is it something that is becoming relevant to the majority of the population.

What would a truly connected world look like? More straightforward is one answer, as all these intelligent little machines that between them know so much about us and our lives start to co-ordinate.

In classic examples, your alarm clock wakes you up and then tells your coffee machine to start boiling ready for a morning cuppa, while on the drive to work your car knows the quickest route for where and when you need to be, and can even text whoever you’re meeting if you’re running late.

Lots of smart devices, collecting and streaming huge amounts of user data and providing real-time information on, well, just about anything. Performing nominated tasks on demand and combining to make life as frictionless as possible. After all, how much easier would life be if your house’s heating could tell it was about to break and was able to summon an engineer itself before it actually did so?

And these devices could bring real benefits, not least cost as well as convenience, to all our lives. The heating that knows to turn itself off or down on a sunny day will save individual users money, as potentially could smart cars that send data about how they are being driven to insurance companies to feed into premiums.

The decreasing cost of computer power means there is no cost barrier to entry for putting sensors that can generate data in the most mundane items, and there is clearly no shortage of opportunities for smart machines that can do something in addition to their primary, practical purpose.

With so much data zipping around, questions about privacy and security are at the forefront of concerns and there are clearly many debates to be had around the IoT, its limitations and indeed its strengths.

But one thing is not in doubt – a huge amount of data is going to be generated, and how that is analysed and interpreted is going to be key to how successful the IoT is, for individuals and businesses alike.

Of course, at, we believe in returning the power of data to the owner, for them to use and permission as they wish, in both their personal and public lives.

The Internet of Things, and its natural successor the Internet of Me, where the individual is at the centre of their connected life, is a natural fit for us, as control returns to the user. Businesses need accurate rich data, which an individual is best placed to provide – but only if they want to and only if it is worth their while.

Leveraging the IoT is the dream for many companies, but here at we’re already got a headstart – and you can  try it out for yourself with a free download of our amazing app.

trust (2)

Could the great personal data sell-off affect you?

The biggest danger to your personal data could be hiding in plain sight – and the law is not on your side.

We’re constantly warned to take care with our data. Be careful who we give it to, know what they want it for. Control it, be cautious with it, take care that those who guard it are taking appropriate security measures.

Yet a simple loophole that could see your data being sold on, even if you had instructed the company not to do this when handing it over, has come to light. And it’s perfectly legal, and happening frequently.

When a company who has your data goes into administration and appoints liquidators, they are charged with making as much money as possible from any remaining assets to reduce the debt to creditors. And guess what has a lot of commercial value? Yes, correct – your data.

This data, this personal information about you shared in good faith with one company, is now an asset for sale, available to the highest bidder who can in turn do what they want with it.

While the Information Commissioner’s Office states that anyone handing over their data has a “reasonable expectation” of how that data will be used,  selling it on, often to a company in the same industry, does not seem to breach this – in practice if not in spirit.

This astounding state of affairs was highlighted this week by a consumer programme on BBC Radio Four, where a woman from London was, in her words, “innundated” with emails and calls from other providers after the ferry company she had used went bust.

Adamant that she had “ticked boxes” stating her details should not be passed to third parties, she was powerless when liquidators Ernst and Young were appointed and the customer list was, quite legally, sold on. As she started being “bombarded” by unsolicited contact, she asked one where they had got her details from, and was told it was from the receivers. The same receivers who never contacted her to ask permission to sell on her data.

She told the programme: “The government are always saying you need to look after your data and you shouldn’t share it with people you don’t know, and then then they take it upon themselves to nominate someone who can sell it on and I think it makes a mockery of keeping your business private.”

An insolvency expert told the programme that, while not familar with that exact case, the underlying action was widely recognised as acceptable. Companies, those holding data and those acting as receivers or liqiuidators, are required to follow data protection laws, but crucially that doesn’t restrict data from being sold on as a commodity. Which is a pretty shocking state of affairs.

Stories like this highlight how powerless consumers are in many ways once they hand over their data, losing control of where it goes and what it does without ever having done anything wrong.

While never sharing any data is unrealistic if you want goods and services in this modern age, sharing the bare minimum is obviously good practice.

Companies such as are working on solutions to these trust issues, building a data-driven future where you are at the centre of your connected life, crucially in complete control of who has access to your data and what you get in return, but the full realisation of this is some way off.

But you can start claiming back some control by downloading a free version of our app now, collecting information about you distributed across various social media sites and reclaiming it for your own use and purpose.

Facebook (2)

How to check your Facebook privacy settings

Facebook is a social giant that holds huge amounts of personal information about each of us.

Facebook is also renowned for changing its privacy policies frequently and not necessarily advertising this fact, so it pays to check at regular intervals that you’re only sharing what you post (as well as what you have posted and will post in the future) with the audience you expect.

So, how can you check what your current settings are? Partly in response to criticisms that it wasn’t open enough about what info was being shared, Facebook has a new tool called Privacy Check-up.

Accessed from the padlock dropdown at the top right of the page, the privacy shortcuts panel that opens up gives you options for a quick check of who can see your stuff, who can contact you and what you can do is someone is bothering you.

While these options are helpful, the top option is to open the Privacy Check-up, which then takes you through your privacy basics in three quick and easy sections.

The first looks at your Posts,  explaining that this setting controls who can see what you post from the top of your news feed or profile, as well as showing what your current setting is, and giving an obvious drop-down if you want to make changes for future posts.

The next step is Apps, with a list of what you’ve logged in to with Facebook. It explains that you can edit who sees each app you use and any future posts the app creates for you, or delete the apps you no longer use. It also gives you a link to the App Settings with a reminder that you can edit them at any time.

The third page covers your profile and personal information – so who can see the likes of your mobile number, email and date of birth if you have shared them with Facebook. It also reminds you that you may have shared more information about yourself and recommends you check your About page to see that is up to date as well.

Then you’re finished, safe in the knowledge that you’re only sharing what you post on Facebook with the people that you want to see it.

And, of course, once you’re done, don’t forget to download for free to back-up your posts and pictures forever, giving you ongoing access to them even if you decide to delete your account in the future.


Online privacy – is there a simple route to the ‘Internet of Me’?

Privacy concerns continue to grow over personal data use and leaks, and this week those concerns were highlighted in the New Scientist in their editorial (29th August –  From reflecting the opinion of many that “Privacy is dead”: to asking how we got here, “Data has become currency”; to thinking about solutions, “Such systems are complex”; to worrying that if the effort to restore privacy doesn’t start soon then “vested interests may become too deeply entrenched to overturn”.

If we think the solution is complex as suggested by the New Scientist, then it is less likely we’ll find the right answer; however, I would like to suggest that there is in fact a very simple solution.

To see what that simple solution is we need to think why our data is so valuable and therefore why businesses are trying to track us. The answer is because the businesses believe they can provide better services , better convenience or sell more to us if they know who we are in many different dimensions.  If this were not true then there would be no value in our data and no value in tracking us.

But how good is the data they get? – not very is the actual answer. This is why of course ever more complex and invasive methods of tracking and associating data are being deployed – at great cost.  Even then the best anyone gets is a thin slice of you which can be 30-50% wrong.

Even this poor performance is threatened by the new ad blocking, do not track and other privacy ‘solutions’ now being deployed.  No one is winning here: not the individual nor the businesses.

Is there a better way? – to use the marketers phrase a “win-win” for both consumers and businesses? The answer is yes there is and what is more it is straightforward.

If I own, hold and control all my own data then businesses can come direct to me and ask for that data.  They get access to Rich data: data which covers a much wider set than they can get by tracking; which is deeper in time; which is 100% accurate, with no association errors (it is about me because it comes from me); which is fully permissioned; which is simple to get – just one person to come and ask.  If a business can get Rich data easily and very cheaply then why would they pay more for worse data obtained through tracking? Not only would they pay more for less they would also not get our trust.

By coming direct to us they get Rich data, cheaper, easier and with our trust.  When more and more businesses start to do this the market for tracked data will diminish and then disappear – a better solution for everyone.

How do we get there? We need software in place which gathers and holds our data for us on our own devices and cloud infrastructure, and which enable businesses to come to us for data which we can authorise (or not).  Luckily this process has started already, for example our company – see, and there will be others joining the party too.

Privacy is not an insoluble problem, nor a difficult win. You just have to look at the motives of everyone involved and fashion a simple win-win solution.

Oliver Wendell Holmes, the famous 19th century American physician and writer said: “I wouldn’t give a fig for the simplicity this side of complexity but I’d give my life for simplicity on the far side of complexity”.

With regards to privacy that simple solution the other side of complexity exists – it is that we own and control our own data on our own devices.  An “Internet of Me”, where I am truly the centre of my data world.


Flashback for Friday Fun!

Schools in the UK start back this week after the summer break, and my timeline on Facebook is awash with little faces wearing pristine uniform that is a touch too big for them as they head off into formal education for the first time.

A time to move forward to be sure, as I’m one of those mums who will have done just that by the time you read this. But my flashback feature is also active, showing me an adorable picture of my now toddler when he was very tiny two years ago.

Between them, these two features got me thinking a lot about the present and past, mainly along the lines of how quickly time is flying by, and how life moves on at such a pace these days it can be hard to hold on to all your memories, even the precious ones.

Thankfully, flashback in is a great feature for finding out what you were doing on this day one, two, five or even longer years ago and being reminded of things big and small, personal and professional that had slipped from your mind.

A premium account feature (you can try it without charge for 30 days when you download the normal version, which is free to all), simply click on the flashback icon on the menu bar to see what you did across all linked accounts on this day in years past. And if you want to check other days, either specifically or random ones, just click on the calendar icon in the top green bar and then zip around to your heart’s content.

Happy flashbacking! grey-text-inline

10 ways gives you back control of your data

News of data breaches and leaks has been everywhere recently, particularly in the wake of the Ashley Madison hack.

And yet, as our popular blog on the apps that are spying on your life proved, we are giving more and more about ourselves away without questioning it, often in the mistaken belief it is the only way we can access free services.

Two big (often unspoken) truths are that many apps ask for many more permissions than they need as a default, and also that free does not have to mean giving up the rights to the data that makes up you.

Here at, we like to think in terms of the internet of me – you, at the centre of your world, fully in control of what data about you is shared and with whom. Clearly, with so much about each of us already in the wild, that full dream remains a work in progress, but our app gives you back control of your data for you to choose and use as you wish. How? Well, here are just some of the ways:

  1. By backing-up your social network content. You can use to sync four accounts from the main social media platforms, meaning you can delete your accounts if you choose in future and still have whatever you posted there, complete with the original likes and comments.
  2. Having all the data YOU posted, at YOUR fingertips – you can jump around the journal view or search across all platforms to find something you need without being constrained by search or any post visibility activated by the channels themselves.
  3. By us NEVER seeing any of your data, yet bringing it to you in a format that you can easily search and use.
  4. Run a small business and want to analyse when your posts get most interaction? Use our insight tool to find out what and when you should be posting, or download your follower data in a spreadsheet to investigate how it has grown or who has stopped following you.
  5. Feeling overwhelmed by the size of your networks? See who you have most interactions with on Facebook, for example, if you’re minded to create lists. Or see who is no longer friends with or following you if you want to cull them back.
  6. Use our flashback feature to see what you were doing on this day last year, the year before or five years ago – remember things you wanted to do, or anniveraries of things you did do that might otherwise be forgotten.
  7. Make a collection – your favourite pictures or interactions, stored together, and able to be saved and downloaded as a PDF, complete with the original comments.
  8. Compliance requirements for your business? Find anything you’ve ever said and reuse or record as necessary in a matter of moments.
  9. Organise your content into collections, grouping similar content or separating public and personal. All, of course, easy to find when you need it again for any reason.
  10. By having, at your fingertips, the complete story of you. What you said, what you did and who you did it with, even the ability to add thoughts, moments and pictures that were not (gasp!) documented on social media.

Sharing everything for free use is not good data privacy, is not the future and should not be how the world works. Join the online revolution, start taking your data power back and download for free today!


Friday Fun: Back to School?

It doesn’t seem possible that Summer (what Summer, ask all UK users) is nearly over, but the time for back to school is nearly upon us.

Shorts and swimming clothes are being put away as parents scramble to get all the requisite bits of uniform acquired in the correct sizes and labelled with their child’s name for when they are inevitably lost.

This will be my first year as a mum of a schoolchild, and it’s set me thinking about my own first schooldays a long, long time ago.

I didn’t have to wear a uniform, and this being the 70s all the children wore browns, beiges and dark reds – none of the colourful brights young clothing comes in today.

My parents were quite relaxed about school, so there’s no proud first day photo such as the one I will undoubtedly take of my son and post on social media.

I’m sure, too, I’ll love looking back on it as time goes on and my little four year-old grows up.

Do you have a favourite picture from your schooldays? Please share it in the comments with any memories.

And, if you too want to find and remember key events in your life, download for free now!