A spectre is haunting Europe – the spectre of GDPR.

It seems to be the one thing everyone in the data security industry is talking about, Equifax aside…

Articles are being written, consultancy firms are popping up, and businesses are quietly panicking.

Yet, like so many grand legislative changes, many people are unsure what GDPR is, how it could affect their business, or whether they should even be worried about it at all.

In this article, we’ll be looking to clear up some of those misconceptions while presenting actionable steps for how companies can go about adjusting to the coming changes. We’ve scoured the available resources to find the answers to our concerns about GDPR and now we’re sharing it with you.

(Still employ a consultant though. As you’ll see, there’s too much at stake not to!)

We’ll explore not just the impact on European companies but also companies outside the European market who process or control data which could come under the scrutiny of these EU measures.  SaaS companies like Process Street will find themselves needing to adapt their services for their large European clients, and if you work within the SaaS field you might have to do so too.

Before we go further, let me give you a Too Long; Didn’t Read:

The best short summary of the ethos of GDPR I’ve read comes from Wired:

For companies that have more than 250 employees, there’s a need to have documentation of why people’s information is being collected and processed, descriptions of the information that’s held, how long it’s being kept for and descriptions of technical security measures in place

The GDPR broadly sets out:

• You need to have a system in place to manage data and security.
• You need to have that system fully documented.
• You need to operate with the parameters of the GDPR, e.g.
  • Consent boxes cannot be auto-filled as “yes”.
  • Companies must respond to access requests from users within 1 month.
  • Requests for personal information must be processed free of charge.

At the end of this article, you’ll find a free Process Street checklist which uses ICO recommendations and Article 29 Working Party advice to guide you through assessing your company’s GDPR readiness!

Continue Reading

Websites are delicate, messy, and hard to manage effectively. Setup might be easy, but a beginner learning to maintain a website will hit a damaging snag sooner or later.

The main problem is that the tech behind any website is complex for beginners. The files that run your site are written in multiple different languages, depend on each other’s fixed locations, and are controlled by config files. In short, there’s a lot to grasp when you’re starting up a website.

To avoid making mistakes you need a basic knowledge of SQL, cPanel, and phpmyadmin, as well as a general idea of why and how websites work. Like I learned the hard way, tiny tweaks or careless uploads can take the entire site offline for days at a time, which is especially damaging when you have a recurring audience of any kind.

In this post, I’m going to go through the methods you’ll need when maintaining a website, and give you processes you can follow for each task.

Continue Reading

Technical procedures — especially those affecting your client’s systems and operations — must always be documented. Details and specifics are too vital for you to just wing it, especially when you’re dealing with long lists of configs, server names, and other easily-forgotten information.

That could be why SOPs (and documentation in general) are so popular and well-supported in the MSP community. Thanks to the wealth of information out there, we’ve been able to put together 7 of the most in-demand IT processes among MSPs and sysadmins.

In post, you’ll get 7 processes you can easily edit, share, and use in your own organization. Since they’re built inside Process Street, when you add them to your account they’re stored in the cloud and provided to anyone in your organization with the right access permissions.

Continue Reading

ITGlue is a collaborative, cloud-based IT documentation platform created to help MSPs standardize documentation, create knowledge bases, manage passwords and track devices.

As well as documentation, it lets you stay on top of what’s going on in your network by notifying you when key events happen, like an SSL certificate nearing expiry, or a firewall breach.

Continue Reading