August 10, 2017

Is ISO 27001 worth it?

I took the Certified ISO 27001 Practitioner course last week, studying the requirements and principles of ISO/IEC 27001:2013, and the issues and challenges involved in implementing an information security management system.  Achieving certification before doing the course helped me get more out of it, and a better appreciation of just how effective this standard is, regardless of the size of your organisation.

Continue Reading

April 19, 2017

Is WordPress Secure?

Despite the fact that it runs over 25% of the ten million largest websites in the world, some IT professionals treat WordPress with something they just wiped off their shoe.  Just in the last couple of months there have been two major security updates, and 100,000 WordPress sites were apparently hacked, so is it secure?  Like most “Is product [x] secure?” questions, the answer is “It can be”, read onto find out how.

Continue Reading

January 30, 2017

UK WordPress Hosting Long Term Review

I’ve been using Tsohost for 3.5 years now, after moving away from Fasthosts in 2012.  Every year or so I review my hosting provider; in 2013 Tsohost were still top of my list, in 2014 the quality of their technical support convinced my I was still with the right hosting provider.  It’s been a while since I last re-assessed.  I’ve seen some comments on my blog about tech support, and some complaints about lack of Lets Encrypt SSL support, so I thought I’d take another look, and ask; are they still the best UK WordPress Hosting provider?

Continue Reading

January 3, 2017

Why 2016 sucked for me

2016. Worst Year Ever. The last post to this blog was October 2015, which seems like a lifetime ago now.  I was making progress on two strategic projects, planning to re-grade several staff and looking forward to a successful year.  It didn’t turn out that way, and 2016 was for me, professionally, the hardest year I’ve ever had. When you have year that bad I think it’s worth trying to ‘extract some learning’.  So here’s my quick introspective on what went wrong in 2016.

Continue Reading

October 16, 2015

Gathering requirements (the hard way)

dearsantaI’ve written about communication a few times; it’s an important part of my job, I enjoy it, and I’m always learning about it. Recently I’ve been involved in a project which included a requirements gathering phase, consulting hundreds of users across two Schools of the University, and what I learned there forced me to completely re-think my approach to this process, and to communication with users in general.

Continue Reading