Information Security: A Necessity of Life

posted by Remco Blom on May 12, 2015

One of our core values at BiZZdesign is sharing knowledge and best practices. We regularly organize and contribute to online and offline seminars, conferences, and round tables. After a recent presentation entitled "Security is not an IT problem", which illustrated the often lacking connection between policies and measures within organizations, we decided to have a World Cafe. In this blog post, I will present the findings of one of the debates we had, based around the importance of Information Security. Feel free to check out my last post in this series: From Security Architecture to a Secure Architecture.




From Security Architecture to a Secure Architecture

posted by Remco Blom on May 1, 2015

Sharing knowledge and good practices is one of our core values at BiZZdesign. We regularly organize and contribute to online and offline seminars, conferences and round table sessions. After one such presentation entitled “Security is not an IT problem”, we organized a World Café to discuss the related topics. Please share your good and worst practices by reacting to this blog.




Data governance gone bad… and how to get it right!

posted by Tim Vehof & Matthijs Scholten on Nov 6, 2014

Earlier this week, a large Dutch insurance company got itself into the national headlines after mixing up sensitive customer data. By mistake,  over 2,500 participants in a large-scale medical research received an e-mail with information that was intended for other participants.

“In creating and handling the data, we made a mistake. This way we accidentally coupled the wrong information to the e-mail addresses of the research participants”. According to the insurance company, this was a “human error’’, and not an error in the organization’s system, which was tested extensively.




Enterprise Risk Management Approach

posted by Rob Kroese on Jul 29, 2014

In a previous blog post, Marc Lankhorst discussed the value of EA in managing risk, compliance and security in the enterprise. He suggested a number of steps to take next; two of these steps are discussed in more detail in this blog:




Best Practices in low-tech Information Security measures

posted by Remco Blom on Jun 26, 2014

Welcome to our blog. This is an archived post, most of our knowledge and advice remain valid but some material or links may be outdated. Click here to see our most recent posts.

Sharing knowledge and good practices is one of the core values of BiZZdesign. We regularly organize and contribute to online and offline seminars, conferences and round tables sessions. Recently there was a very successful seminar on Enterprise Risk and Security Architecture for Dutch financial institutions.




Digital enterprise and change capability

posted by Mathilde Tempert on Jan 8, 2014

Welcome to our blog. This is an archived post, most of our knowledge and advice remain valid but some material or links may be outdated. Click here to see our most recent posts.

New technological developments emerge at an increasing pace.  Recent examples include Google Glass, Big Data, e-Coaching, wearables, 3D printing, Internet of Things etc. The potential is considered enormous, and expectations to derive value from these innovations are sky high.




Influence vs. Force - Incenting Others to Get on Board with Your Architecture Initiatives

posted by Daniel Jumelet on Aug 31, 2013

Almost every architect has met the following frustrating experience during his career: A proper and well defined business case, architectural advice or Project Start Architecture is not being used by the organization the architect wanted to serve with it. Time and again we see decisions made based on:




BYOD – The Good, The Bad & The Ugly

posted by Ton Baas on May 26, 2013

Welcome to our blog. This is an archived post, most of our knowledge and advice remain valid but some material or links may be outdated. Click here to see our most recent posts.

Bring your own device, bring your own technology, bring your own phone or IT consumerisation (respectively BYOD, BYOT, BYOP). Whatever you want to call it, anno 2015 everybody knows the concept of bringing your privately owned device to access company information and applications.




Designing Secure Organizations: Risk Management, Enterprise Security Management and ArchiMate

posted by Henk Jonkers on Jan 23, 2013

No one is allowed to enter the building without proper authorization; all incoming e-mail messages are filtered; personal computers that are used to store sensitive data do not have a direct connection to the internet, and therefore cannot be accessed remotely. With these enterprise security rules, we have ensured that our private information is safe, right? Wrong! 




Are Direct Messages really private, or not?

posted by Wil Janssen on Jun 11, 2012

Welcome to our blog. This is an archived post, most of our knowledge and advice remain valid but some material or links may be outdated. Click here to see our most recent posts.

Social media have penetrated our lives. We share ideas, experiences, thought, complaints, and compliments with everybody. At the same time we see quite some controversy concerning the privacy policies of companies such as Facebook and Twitter. Some people even think that European privacy regulation does not apply to them, as they are US-based companies.