News

05/2020 GDPR-compliant e-learning with BigBlueButton, Moodle and Nextcloud - data protection begins with the little ones

tbd.

04/2020 Home office tools: Not everything that glitters is gold...
(Open source) alternatives to commercial messaging and video conferencing tools

The current life situation is limited due to Covid-19. But possibilities of communication in home office are unlimited: Phones, private landline phones, chat programs, email, video conferencing and much more. The increase in home office jobs is pushing the use of collaboration solutions and video conferencing tools and giving them a boom that has never been experienced before. The increasing popularity is now fatal for many providers.

A look at well-known providers underlines the rush for messenger and video conference tools: Slack reports an increase in connected users from 10.5 to 12.5 million within a few days. Microsoft Teams has now passed the 44 million daily user mark. Google is also benefiting from the boom in virtual meetings: The use of Google's "Google Hangouts Meet" solution is 25 times higher than in January. Zoom was also able to benefit from the current situation. The video conference tool is most notably valued for its user-friendliness, its price structure and its simple deployment. But Zoom has now attracted a lot of criticism, especially when it comes to security: insufficient encryption of calls, security gaps, data exchange with Facebook or leaked emails and photos of users.

Fortunately, there are many exciting alternatives that are also available as an open source solution. We have selected three safe and user-friendly messenger and video conference tools for you:

Mattermost, riot and Zulip

The web-based messaging solutions Mattermost, Riot and Zulip score with cross-platform availability. You have your own desktop clients as well as clients for mobile operating systems. Direct messages, group messages, archives and data transmission are available in all three applications. Riot also offers video and internet calls. These functions have so far only been available to a limited extent with Mattermost and Zulip. Riot can also score with end-to-end encryption; the other two services have transport encryption.

Jitsi Meet, Kopano Video Meetings and Mikogo

Jitsi includes several open source projects that make it easy to conduct secure video conferencing. The open-source software Jitsi Meet enables video conferences with one or more participants. In addition to video or audio chat, Jitsi Meet also offers the functions of desktop sharing and screen sharing of certain windows to present content. In addition, an integrated chat function is available to share text-based content with other participants. In addition to the web interface, Jitsi Meet is also available as an app on Android and iOS.

The device-independent software Kopano Video Meetings was developed for use in companies and allows "peer to peer" encrypted communication. It can be rolled out within a private cloud. Features include video and audio calls, one-to-one calls, and group calls.

You can display your own selected screen content via Mikogo and thus make it accessible to other authenticated users. Remote control of the screen is a big plus for this provider. After the necessary rights have been assigned, the presenter can take control of another computer and vice versa. With the integrated whiteboard function the presenter can also mark out screen contents or add comments. Locking and unlocking participants, recording sessions, and a session planner are also useful features.

----------

One last thing:

If you want full data sovereignty, you should set up your own server. If you lack the know-how or the time required to do this, many providers can host their own servers. We also take care of the setup, the individual configuration, the ongoing operation and the required power. We are always available for questions!

 

 

03/2020 Home office at the time of corona pandemic

Since the end of 2019, the lung disease COVID-19 triggered by new coronavirus SARS-CoV-2 has been spreading rapidly, has reached Europe in the meanwhile and has quickly developed into a global pandemic. "Flatten the Curve" is now the order of the day: the spread of infections has to be slowed down as much as possible to prevent the health care system from collapsing. Now, more and more companies are preparing for home office. This is not just a tool to slow the spread, but in worst case the only way to keep the business going. Groupware functions and cloud services are fundamental for a functioning home office.

Businesses can help keep the contagion curve flat. As a precautionary measure to prevent the virus from spreading, people are working exclusively in their home office for several weeks and reduce contact to other people to a minimum. Even the absence of work and the lack of direct contact between the workforces can slow down the spread of the corona pandemic.

The right equipment: Compared to a large monitor with keyboard, a laptop is not an equivalent work tool. Tips for setting up the workplace and aligning the desk and office chair can be found, for example, at https://media.t3n.de/redaktion/homeofficeguide/t3n_Homeoffice_Guide.pdf. There you will also find tips on digital offers for children and important hygiene advices for time at home.

The exchange of data should generally only be encrypted (TLS/SSL) and take place via a virtual private network (VPN), which is set up by the IT department. In order to be able to protect and exchange company-internal data securely, a VPN is necessary and must be provided with a safe operating concept, so that no hole is torn in company-internal IT security measures. In this way, employees can be provided with secure access to the company's internal network. If you want to exchange data quickly, easily and independently from end devices in another way, you will find an alternative with open source clouds. Since numerous public cloud storage services are not compatible with the GDPR, alternatives such as Nextcloud should be used:
https://www.aixzellent.com/de/premium_privateclouds.

The distance also changes the communication structures of the teams internally and externally. Messenger programs and the possibility of video conferencing are an important tool for collaboration in remote workplaces. There are also challenges here: The video connection may not work if employees live in an area that is not yet connected to fiber optics or the bandwidth for the private connection could not allow a bandwidth to be linked to professional requirements. For video conferencing, there should be a technical infrastructure with upload speeds of more than 10 Mbit/s if possible. Project management tools help planning projects and to-dos, given they are not already integrated as accompanying project structures anyway.
In general, the following applies to IT security issues: All tools used should be discussed and set up with the company's data protection officer. Scammers and other criminals are already trying to use the crisis. IT administrators who otherwise quickly take care of maintenance tasks personally in the office instead of explaining it to all employees must now find other ways of performing their tasks. For remote maintenance, we recommend solutions such as NoMachine or Teamviewer. With these tools employees can access someone else's computer and quickly provide help with IT questions and problems.

Another problem with home office: executives can no longer see their teams working and thus have doubts about their productivity – regardless of whether these doubts are justified or not. Only the results achieved should count in reality, however, there is a different situation at many companies. Regular reports can keep managers up to date and doubts can be proven wrong.

The previous investment in digitization is now paying off for companies. If documents and relevant information are available electronically and processes have been adequately, digitized, permanent work at home office is possible. The current crisis is driving the digitization of working life and integrating the internet into everyday work. If the home office is approached correctly, it can be more productive even for teams than in the office. However, the right hardware and software, a suitable workspace and way of working are essential. Challenges remain, but maybe this is the chance to try out home office with the entire team. In general, we all have to slow down the spread of the corona virus as much as possible and protect the weakest in society. Let us keep the Covid 19 disease rate as low as possible!

If you have any further questions, aixzellent team is available at any time by phone and email.

 

 

11/2019 Judgment of the ECJ on (tracking) cookies

At the beginning of October, the European Court of Justice (ECJ) passed a significant judgment on cookie information obligations of website operators, which we would like to inform you about in this news.

Cookies and similar tracking methods may no longer be used unless customers have previously given their consent. The only exception is the operation of technically necessary cookies such as cookies for the login or the shopping cart. According to the court, website owners must now provide detailed information on the collection of cookies on their pages. The usual cookie notes (cookie banners) do not fulfill the requirements of the ECJ for three reasons:

  • Users cannot really agree.
  • These notes do not clarify anything about the data transfer and data usage in detail.
  • Bare information banners don’t interrupt the automatic data transmission until the consent of the users. But that’s necessary to implement the privacy policy.

The judgment is important for everyone who is using cookies in the area of tracking or marketing on their website. It is also important for everyone who has included a Facebook like button or any similar button of social networks (Twitter, Instagram, LinkedIn etc.) on their pages.
The ECJ has also commented on four important issues:

  • Website owners are always responsible for privacy violations, along with Facebook and other social networks.
  • The unsolicited transmission of user data through the buttons of social networks on websites violates the data protection law.
  • Competition associations may charge a fee for websites which have implemented the Facebook like button without consent.
  • Cookies which are set up for tracking or advertising purposes must have a real consent of the website visitors. A cookie hint banner is not suitable for this purpose.

The ruling now can also be interpreted as an announcement to the German legislator to readjust German law to the EU rules. It is very likely that this will be closely aligned with the legal requirements of the ECJ.

We would like to point out to you that we are not allowed to offer legal advice. For further information we recommend the following page of the European Commission: https://wikis.ec.europa.eu/display/WEBGUIDE/04.+Cookies