Posts by WookieBill 13 publicly visible posts • joined 16 Feb 2012
It wasn't that sophisticated. I am down to using a password manager and a random password for each site, they still managed to lock o.ut my Oyster account, so they weren't trying to hide the attack in any way. Happily its been a couple of years since I lived in London, so basically none of my detalis are probably correct any more.
I agree, and actually, I think in some ways we have gone backwards.
There is one CRM I deal/dealt with that was based on its own custom filesystem rather than SQL, it had a real delete function (but no referential integrity), its newer (not that new) replacement system is SQL Server based and has no hard delete function for users/administrators and the delete entity stored procedure that exists in the DB no-longer functions (they have added additional FK constraints to later versions of the CRM but not updated the USP).
Now, I expect the company in question is planning to address this in a new release (and probably most other CRM vendors too) but that means an additional project for every firm that uses the software (test & deployment) and all that needs planning in, ideally now before its too late.
Most CRM's are SQL based so stuff can be deleted with enough time/skill, but as recruiters are on commission (and thus tend to want to work weekends as well as normal office hours) bringing down the CRM for half the weekend while you do a manual delete via SQL does cause some stress.
While its fine having an outage once in a while if your doing it every weekend for the latest batch of GDPR removal requests, its going to get old quickly. Not to mention, if I am working weekends cleaning out your data, frankly your going to be paying for it (either OT costs or TOIL). Unfortunately, some techie doing manual deletes on your CRM each week isn't really a viable business solution.
Obfuscation of the data will work for some industries, the problem with recruitment, is that we deal with a lot of personal data in document form (CV's, Passport scans for legal compliance etc), all of that is going to have to be cleared off a record to put it out of use and although you don't generally run into any referential integrity issues with documents, unless the CRM has a real delete function in it for user level deletes, you are still paying people like me to go clear your data off at a weekend.
Also, its not just about the CRM's, Email/Exchange, SMS facilities and Mass mailing systems (e.g. Dotmailer) all need to be cleared of identifiable data and usually they are not well integrated with the CRM and certainly not for delete functions.
Its not that any of this is technically impossible, its that frankly doing all the analysis and development is a lot of work. In the same way that in Y2K it was easy to say, oh just store your dates in long date format, saying it is one thing, changing policies, procedures and systems is something very different and quite expensive.
I customise CRM systems used in the recruitment industry for a living, The Business Analysis side of our company have been warning our clients about GDPR for ages, people are only just sitting up and starting to take notice.
One issue is that many of the CRM systems used in the recruitment can't easily delete data.
To maintain referential integrity when you delete a candidate, all that happens is that the candidate is given a deleted status and is hidden from the users, that data still remains in the DB along with the CV and all the lovely personal data goodies it contains. This is currently giving me lots of migration projects as people switch to supported CRM systems that can be made compliant.
As well as the technical issues, psychologically, its difficult to get recruiters to delete candidate data, it's their product after all, when I was in house, it was quite a task getting permission to delete stuff from senior management (it usually involved lots of nagging and pointing out we hadn't spoken to people in a decade)
I predict much wailing and gnashing of teeth in recruitment, as soon as a recruiter sends out a job spec to half the internet and lots of legally switched on types notice that they didn't give consent under GDPR and fire up the lawyers.
I specialise in customising CRMs used in the recruitment industry. I have a key skills section at the top my of my CV. It's not just machines you have to think about. Recruiters sit there going through hundreds of cvs in seconds. If your CV doesn't get attention quickly it won't ever be looked at.
Also, if you really want a peticular job, customise your CV so you seem to be the perfect match. Don't lie but if you have relevant & non relevant skills make sure to talk about the relevant ones and minimise the irrelevant ones.
As a fully signed up member of the Guardian reading London Metropolitan Elite I feel the need to point out you are quite wrong, your not Daily Mail readers or Racists, you are Daily Mail reading Racists! :-)
In all seriousness though, the Guardian closing its comments section is probably good news, the way the Indie's comments section has gone is horrendous, Calling many of commentators there racist is an insult to racists and I would hate to the Guardian turn into the cesspool of full on (Islamophobic) hate that is the Indie's comments section is these days.
So glad to have taken VR from these idiots back in 2012, if you still work for CSC, take my advice, get out now while you still have a career ahead of you. CSC treated their entire staff as being disposable costs that could be easily off-shored, unless you were pointless middle management that is, then you got pay rises and bonus's that were denied to the people with the brains to actually do the work. For gods sake get out now!
Also, their sofas were shit, no hang on, that was SCS!
My companies head office is on High Holborn. We lost power at around 12pm yesterday. Once our emergency lighting failed after 3 hours we evacuated (to the pub over the road which still had power). The on-site UPS had a fairly short battery life so our domain controller on-site was not able to be shut down cleanly and we are a little concerned about some of the switches coming back to life or not. Our company is citrix based and most stuff is tucked away in a data center, so loss of systems is not a major worry. Unfortunately, our CAG was not provisioned for DR, as a result we only have 40 remote access licences and far more staff than that, so for most people, working from home is not an option. Also, from the last update from building management, we are unlikely to have power tomorrow either, as they can't get into the tunnels under Kingsway and are going to have to dig up the road. It's going to be interesting!
As an ex CSC'er I'm afraid to say that I have to agree with the AC about the quality of some (not all) our offshore staff. It isn't that they were all unskilled technically, partly it is a cultural issue of getting them to take ownership and think outside the box, but a lot of it is a problem of experience.
I am told by people over there that in the same business park as our office in Noida is IBM, what used to happen (when I was with CSC) is that (being cheap) we would hire people out of Uni and the onshore component would start to train them up, they would get a few years experiance (normally they have a fixed term contract of serveral years meaning they couldn't leave) as soon as that was up they would walk across the the business park to Big Blue and get a large pay raise.
You can't blame them and I was always really pleased when one of the good offshore guys got a new job, because frankly working for CSC is soul destroying, unfortunatly what happened is that anyone with anything about them offshore leaves for better pastures and there is an inevitable drop in quality.
I have a dream of an alarmclock that will go off and then display my google calendar agenda for the day and also if I have a meeting in for say 8am automatically go off early. (I realise I can do this with my phone and calendar reminders but I want it in a proper bedside alarmclock and I want it automated dang it!)
Anyone know if I can do that with this?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
