Congrats to our customer recorrido! recorrido.cl is being featured at the Apple App Store (Latin Amercica & Chile). The teams from recorrido and TechHub Europe are thrilled about this promotion by Apple. We are proud of the recognition by Apple – but wont stop here.
A great Ted Talk on the Blockchain by the Author of „The Blockchain Revolution“.
Driving Innovation in digitalisation projects can be tremendously complex. Digitalisation in companies crosses traditional organisational borders and derails traditional responsibilities and processes. In order to guid a digitalisation project and enable to manage the change processes we use a reliable framework of thinking.
To drive inventive thinking in our customer projects we apply a distinct Method: SIT. SIT stands for Systematic Inventive Thinking and applies a Method of Thinking and structure for the Process to drive continuous Innovation and Inventive progress. It applies via the Ripple Model. Below you’ll find a description of the ripple model.
The method can be seen as consisting of five layers:
Thinking Tools:
At the heart of SIT’s method is one crucial idea: that inventive solutions share common patterns. Focusing not on what makes inventive solutions different, but on what, if anything, they might have in common, led to the development of the five Thinking Tools that form its core.
Principles:
The tools can only work if they are used properly, and in order for this to happen, the tools are accompanied by several principles which allow you to use the tools optimally and reap the benefits.
Facilitation Skills:
Since most SIT programs are conducted not for individuals, but for teams of participants, a range of facilitation skills are needed to complement the content. Some of these are the sort of skills any good facilitator would need, but many are specific to the setting of an SIT innovation workshop.
Project Management:
This level leads you in the direction of smooth implementation processes for the newly developed ideas. The ability to come up with new ideas is crucial for the process of innovation. However, new ideas are merely the first step in a rigorous process of managing true innovation, since few are the ideas that make it all the way through to the end of the process.
Organizational Innovation
Innovation projects are important, and no single innovation can deliver lasting advantages. In order to grow organically, a company must encourage innovation and creative thinking systematically and continously. Click here and read more.
If you are looking for more information on how to manage inventive and innovation thinking in your organisation or if you face challenges in digitisation projects feel free to talk to us.
A Keynote @MIT by Emin Gün Sirer.
Emin Gün Sirer is an associate professor of computer science at Cornell University. His research interests span distributed systems, security, and operating systems, with a particular emphasis on digital currencies and self-organizing systems. He is the inventor of Karma, the first cryptocurrency based on Proof of Work that predated Bitcoin. He is also known for having co-discovered the biggest known protocol flaw in the Nakamoto Consensus, for having fought mining centralization, for developing security measures to protect high-value digital assets from theft, and for anticipating the DAO hack. He runs the popular blog Hacking, Distributed.
Say hello to the decentralized economy — the blockchain is about to change everything. In this lucid explainer of the complex (and confusing) technology, Bettina Warburg describes how the blockchain will eliminate the need for centralized institutions like banks or governments to facilitate trade, evolving age-old models of commerce and finance into something far more interesting: a distributed, transparent, autonomous system for exchanging value.
For the 11th year in succession, Mountain Partners, our parent company held its annual Entrepreneur Days at the beautiful Tegernsee conference site. To gain some insight on the venue, here is a sample of the tremendous speakers aligned: View Jillian Manus key note here. Jillian Manus is a Silicon Valley Digital Disruption Pioneer und Managing Partner at Structure Capital.
The new General Data Protection Regulation (GDPR) is set to replace the Data Protection Directive 95/46/ec effective May 25, 2018. The GDPR is directly applicable in each member state and will lead to a greater degree of data protection harmonization across EU nations.
Although many companies have already adopted privacy processes and procedures consistent with the Directive, the GDPR contains a number of new protections for EU data subjects and threatens significant fines and penalties for non-compliant data controllers and processors once it comes into force in the spring of 2018.
With new obligations on such matters as data subject consent, data anonymization, breach notification, trans-border data transfers, and appointment of data protection officers, to name a few, the GDPR requires companies handling EU citizens’ data to undertake major operational reform.
This is the first in a series of articles addressing the top 10 operational impacts of the GDPR.
GDPR Enhances Data Security and Breach Notification Standards
Data security plays a prominent role in the new General Data Protection Regulation (GDPR) reflecting its symbiotic relationship with modern comprehensive privacy regimes.
Compared to Directive 95/46/ec, the GDPR imposes stricter obligations on data processors and controllers with regard to data security while simultaneously offering more guidance on appropriate security standards. The GDPR also adopts for the first time specific breach notification guidelines.
Security of data processing standards
The GDRP separates responsibilities and duties of data controllers and processors, obligating controllers to engage only those processors that provide “sufficient guarantees to implement appropriate technical and organizational measures” to meet the GDPR’s requirements and protect data subjects’ rights. Processors must also take all measures required by Article 32, which delineates the GDPR’s “security of processing” standards.
Under Article 32, similarly to the Directive’s Article 17, controllers and processors are required to “implement appropriate technical and organizational measures” taking into account “the state of the art and the costs of implementation” and “the nature, scope, context, and purposes of the processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural presons.” Unlike the Directive, however, the GDPR provides specific suggestions for what kinds of security actions might be considered “appropriate to the risk,” including:
The pseudonymisation and encryption of personal data.
The ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
A process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.
Controllers and processors that adhere to either an approved code of conduct or an approved certification mechanism — as described in Article 40 and Article 42 — may use these tools to demonstrate compliance with the GDPR’s security standards.
For additional guidance on security standards, controllers and processors may consider the Recitals, in particular Recitals 49 and 71, which allow for processing of personal data in ways that may otherwise be improper when necessary to ensure network security and reliability.
IAPP_Salary-Survey_300x250_FINAL
“Personal data breach” notification standards
Unlike the Directive, which was silent on the issue of data breach, the GDPR contains a definition of “personal data breach,” and notification requirements to both the supervisory authority and affected data subjects.
“Personal data” is defined in both the Directive and the GDPR as “any information relating to an identified or identifiable natural person (“data subject”).” Under the GDPR, a “personal data breach” is “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.” This broad definition differs from that of most U.S. state data breach laws, for example, which typically are triggered only upon exposure of information that can lead to fraud or identity theft, such as financial account information.
In the event of a personal data breach, data controllers must notify the supervisory authority „competent under Article 55“ which is most likely (looking to Article 56(1)) the supervisory authority of the member state where the controller has its main establishment or only establishment, although this is not entirely clear. Notice must be provided “without undue delay and, where feasible, not later than 72 hours after having become aware of it.” If notification is not made within 72 hours, the controller must provide a “reasoned justification” for the delay.
Article 33(1) contains a key exception to the supervisory authority notification requirement: Notice is not required if “the personal data breach is unlikely to result in a risk for the rights and freedoms of natural persons,” a phrase that will no doubt offer data protection officers and their outside counsel opportunities to debate the necessity of notification.
A notification to the authority must “at least”: (1) describe the nature of the personal data breach, including the number and categories of data subjects and personal data records affected; (2) provide the data protection officer’s contact information; (3) “describe the likely consequences of the personal data breach”; and (4) describe how the controller proposes to address the breach, including any mitigation efforts. If not all information is available at once, it may be provided in phases.
When a data processor experiences a personal data breach, it must notify the controller but otherwise has no other notification or reporting obligation under the GDPR.
If the controller has determined that the personal data breach “is likely to result in a high risk to the rights and freedoms of individuals,” it must also communicate information regarding the personal data breach to the affected data subjects. Under Article 34, this must be done “without undue delay.”
The GDPR provides exceptions to this additional requirement to notify data subjects in the following circumstances: (1) the controller has “implemented appropriate technical and organizational protection measures” that “render the data unintelligible to any person who is not authorized to access it, such as encryption”; (2) the controller takes actions subsequent to the personal data breach to “ensure that the high risk for the rights and freedoms of data subjects” is unlikely to materialize; or (3) when notification to each data subject would “involve disproportionate effort,” in which case alternative communication measures may be used.
Assuming the controller has notified the appropriate supervisory authority of a personal data breach, its discretion to notify data subjects is limited by the DPA’s ability, under Article 34(4), to require notification or conversely to determine it is unnecessary under the circumstances.
Harmonization
Data breach notification is possibly most firmly established globally in the U.S. There, “reasonable” security standards are still being defined and nearly every U.S. state has a different breach notification law, which has led to some consternation among privacy professionals. The GDPR’s uniform application across EU member states should at least provide predictability and thus efficiencies to controllers and processors seeking to establish compliant data security regimes and breach notification procedures across the entirety of the 28 member states. Nonetheless, the GDPR’s reference to a „competent supervisory authority“ suggests notification may need to be made to more than one supervisory authority depending on the circumstances, and the ambiguity of a number of terms such as „undue delay,“ likelihood of risk to rights and freedoms,“ and „disproportionate effort“ all remain to be further clarified and defined in practice.
Niclas, du hast vor Kurzem mit deinem Studium der Wirtschaftsinformatik begonnen. Warum war es dir wichtig vorher ein Praktikum zu absolvieren?
Ja, das stimmt, ich habe dieses Jahr mein Wirtschaftsinformatik Studium an der Westfälischen Wilhelms-Universität Münster begonnen. Da ich mich recht kurzfristig für diesen Studiengang entschieden hatte und noch nicht ganz genau wusste, ob es das Richtige für mich ist, hatte ich vor mir, in einem der Bereiche, in denen man später arbeiten kann, einen Eindruck zu verschaffen, ob ich mich für diese Themen begeistern kann. Daher erschien es mir am Sinnvollsten mir eine Stelle als Werksstudent oder ein geeignetes Praktikum zu suchen.
Wie hast du Kontakt zu uns aufgenommen?
Da ich den Geschäftsführer, Gil Breth, schon etwas länger kenne und weiß, dass er ebenfalls Wirtschaftsinformatik studiert hat, lag der Gedanke nicht fern, ihn nach seiner Einschätzung zu diesem Studiengang zu fragen: Was er daraus mitgenommen hat? Was interessant oder weniger interessant war? Und was er davon heute in seinem Arbeitsalltag noch braucht? Nachdem wir uns getroffen hatten, er mir von seinen Erfahrungen erzählt und ich all meine Fragen losgeworden war, bekam ich dann treffenderweise ein paar Wochen später einen Anruf von ihm. Er berichtete mir, dass er einen Praktikanten im Bereich Softwareentwicklung und Kundensupport sucht, was meiner Vorstellung von dem Praktikum, das ich noch machen wollte, sehr gut entsprach. So begann meine Zeit bei TechHub.
Welche Erwartungshaltung hattest du an dein Praktikum bei TechHub Europe?
Im Grunde genommen wusste ich gar nicht genau was mich erwarten würde. Was ich mir jedoch erhoffte, war einen groben Überblick darüber zu bekommen, was ein Wirtschaftsinformatiker in seinem Arbeitsalltag für Aufgaben zu erledigen hat und welche Herausforderungen man bewältigen muss. Des Weiteren war es für mich interessant zu erfahren, wie hoch die Informatikkenntnisse sein müssen. Ich hatte mich zuvor weder in der Schule noch in meiner Freizeit mit Themen wie Programmierung oder ähnlichem auseinandergesetzt und zudem fand ich es interessant, heraus zu finden, wie schnell man sich auch ohne große Vorkenntnisse und Erfahrungen in solche Themen einarbeiten kann.
Wurden deine Erwartungen erfüllt?
Der Großteil meiner Erwartungen wurde erfüllt. Nun habe ich einen sehr guten Überblick über Themen wie Softwareprogrammierung, App-Testing, Kundensupport, und auch über das Management eines weltweit verteilten Teams von Mitarbeitern und Kunden erlangen können. Der letzte Punkt hat mich besonders beeindruckt: mein Arbeitsplatz war in Essen, die Entwicklung in Lettland und Berlin und das Marketing in Köln, während die Kunden z.B. aus Chile oder Deutschland kamen. Dadurch kam es zu häufigem Kontakt mit anderen Mitarbeitern der Firma, die sich aus verschiedensten Nationen zusammensetzen: Deutschland, Lettland, Russland, Spanien und Holland. Durch die häufigen Skype-Konferenzen und Telefonate hatte ich am Ende meines Praktikums das Gefühl, viele neue Leute und Kulturen kennengelernt zu haben
Was hat dir am Praktikum am besten gefallen?
Wie ich zuvor schon beschrieben habe, besteht TechHub Europe aus einem Team von Mitarbeitern, die an den verschiedensten Orten auf der Welt sitzen. Dies erfordert ein besonderes Management und eine gut funktionierende Absprache untereinander, um alle Anforderungen, die von den Kunden gestellt werden, perfekt zu erfüllen. Das dies so gut und reibungslos funktioniert hat, hat mich doch sehr begeistert.
Was ging gar nicht?
Um ehrlich zu sein fallen mir hier keine großen Punkte ein. Bis auf die WLAN-Verbindung, welche ganz gerne mal genau während der Skype-Konferenzen abgebrochen ist, habe ich nichts zu bemängeln. Insgesamt hat es mir gut gefallen.
Würdest du ein Praktikum bei uns weiter empfehlen?
Durchaus. Jeder der eine Stelle als Werkstudent oder Praktikant im Bereich Softwareentwicklung, App-Testing und Kundensupport sucht, ist hier perfekt aufgehoben. Auch um sich einen Überblick über den Arbeitsalltag und die täglichen Aufgaben eines Wirtschaftsinformatikers zu verschaffen ist ein Praktikum bei TechHub Europe empfehlenswert.
Als Praktikant wird nur Kaffee gekocht – Mythos oder Wahrheit?
Das ist tatsächlich ein Mythos. In der Regel habe ich nur Tee gekocht.
Spaß bei Seite, dass nur Kaffee gekocht wird ist Quatsch. Bereits an meinem ersten Arbeitstag, wurden mir alle notwendigen Accounts und Programme eingerichtet, um meine Arbeit zu beginnen. Nach kurzer Zeit der Einarbeitung konnte ich schon viele kleine Aufgaben selber erledigen. Von Zeit zu Zeit wurde mir der Umgang mit den Systemen immer vertrauter und ich lernte viel dazu. Es mag sein, dass man während mancher Praktika viele Aufgaben macht, die nicht viel mit dem eigentlich Beruf zu tun haben, dies ist bei mir jedoch zum Glück nicht der Fall gewesen.
Was nimmst du aus deiner Zeit bei TechHub Europe mit?
Während meines Praktikums bei TechHub Europe habe ich gute Einblicke in Unternehmensabläufe bekommen und mir neue Fähigkeiten im Umgang mit verschiedensten Tools und Programmen angeeignet. Zudem weiß ich nun, wie gut die Zusammenarbeit von unterschiedlichen Mitarbeitern an unterschiedlichen Orten der Welt funktionieren kann, wenn man es schafft diese immer gut zu koordinieren und zu managen.
Sehen wir dich bei TechHub wieder?
Gerne würde ich in den Semesterferien wieder bei euch als Werksstudent arbeiten. Ich freu mich drauf!
The fabulous Mary Meeker – The Data is in. Internet 2016, KPCB.
Download the report here:
2016_internet_trends_report_final.pdf
A Video Outtake
Im Moment gibt es an dem Begriff FinTech oder auch InsurTech kein Vorbeikommen. Unter beiden Begriffe werden moderne Technologien im Finanz- und Versicherungssektor zusammengefasst, die aktuell die Geschäftsmodelle der etablierten Platzhirsche ordentlich aufrütteln. Für alle Banker, Versicherer und sonstige Anbieter von Finanzdienstleistungen ist daher der Überblick von CBInsights mit insgesamt 63 internationalen FinTech Startups ein guter Orientierungspunkt. Auf einem übersichtlichen Poster finden sich die derzeit wichtigsten FinTechs. In dem dazugehörigen Artikel erfährt man auch mehr darüber welcher Investor hinter dem jeweiligen FinTech steckt und womit welche Zielgruppe adressiert wird.
Quelle: https://www.cbinsights.com/blog/fin-tech-startups-millennials/
TechHub Europe GmbH is a leading German provider of Apps, API's and Cloud Native Solutions for Mobile First Commerce, Energy Management, FinTech, InsureTech and Industrial IoT solutions.
TechHub EU delivers Cloud Services for POS and Location Management, Metrics and Analytics, Messaging and Push Notifications, GPS-Tracking, W3W, Wallets, Distributed Ledger.
Oststr. 11-13 (Rhein-Carré) D-50996 Köln-Rodenkirchen T: 0221-935 521-84 F: 0221-935 521-86 hello @ techhub.eu
Profil von Tech Hub Europe GmbH in Ariba Discovery anzeigen
design & content © Tech Hub Europe GmbH
