Did you know that less than 1% of UK cancer research spend has been directed towards Pancreatic Cancer?

No? We didn’t either, so we decided to fundraise for Pancreatic Cancer UK by taking part in a 10,000ft Skydive on 19^th May 2019.

Every life in the CoreStream DropOuts have been affected by cancer in different forms so we decided to elect a form of cancer that is often overlooked and misdiagnosed.

All money raised for this event will be sent to Pancreatic Cancer UK, who are committed to making sure that it is used effectively and where it is needed the most.

We would really appreciate any sort of donation you could give – as it all makes a difference!

https://uk.virginmoneygiving.com/fundraiser-display/showROFundraiserPage?pageId=1015444

Thank you,

The CoreStream Dropouts

It is widely acknowledged within the testing industry that Samsung’s Galaxy Note 7 was a textbook testing failure and a watershed moment in the company’s recent history.

This fiasco resulted in a large hit to their profit margins alongside massive reputational damage. For me, as a young QA manager, it highlighted that ensuring quality in the all-seeing age of social media must be a principal priority for any organisation releasing and developing new products.

In order to generate confidence in a product, companies should engage in several cycles of quality assurance. For example; manual testing of software, stress testing the limitations of a platform, and performance testing are all regularly used and integral to ensuring the quality of a product in the market. Traditional testing roles have evolved rapidly in the last couple years as organisations increasingly strive to focus their efforts on continuous development, whilst seeking the highest form of quality. Automation has emerged as a central part of the testing process.

As organisations pour investment into the development of automation skills, they are actively freeing up massive amounts of time in which employees are able to add value to quality assurance in other ways (i.e. the analysis of platforms). This has led to a major shift in the skills required for testing and QA over the last few years as open source technologies have become more accessible to both large and small organisations. As a result, there has been a clear move towards more technical based testing.

I would argue that traditional testing roles are no longer as explicit as they once were, as Testers are now often intimately involved during the Development and Business Analysis phases of a project lifecycle. As a result, employees outside of the Testing function are now far more likely to be conscious of the need to ensure quality and thus work in a more collaborative manner ahead of product releases. However, despite a positive shift in most teams, and an increase in the number of technical skills learnt by Testers, I believe it is crucial to maintain the traditional core skills and mentality of manual testing in order to lead the testing process as a whole.

Although there has been a clear increase in the demand for automation testing roles across the industry, several challenges to the maintenance of automation have emerged. The 2018 – 19 World Quality Report (WQR)* discusses how the level of automation of test activities is “still very low”. In the report, over 60% of respondents highlighted “difficulties automating their QA and testing processes” due to frequent changes to platforms with every release. Such a scenario is leading to struggles in order to maintain a robust testing framework. Thus, I think it is incumbent upon organisations to invest more time in skilling up their employees in order to maintain a stream of steady releases to market without impacting quality.

At CoreStream, the Senior Leadership Team has understood the benefit of investing time and resources into setting up and maintaining an automation function within the QA team. We have taken active steps in training and developing skills, so that we as an organisation can continue to make more changes to a product without the fear of impacting quality when faced with tight deadlines. I believe this change is a positive one and one that I have embraced fully. However, as a manager I will seek to challenge myself to continually recognise and embed a healthy attitude towards the indispensable skills of manual testing and analysis within my team.

CoreStream is continually working in a collaborative manner, allowing manual and automation testing to complement each other during the project and release lifecycle. By using core elements of manual testing alongside the speed and technical intelligence of automation testing we have embedded a faster and more efficient process.

Alka Kumar

Test Manager, CoreStream

* Reference: https://www.microfocus.com/en-us/marketing/world-quality-report

It’s been 8 months since the EU General Data Protection Regulation (GDPR) came into force, and organisations are becoming increasingly aware that GDPR is not a one-time project.

Understanding the detail and implications of the GDPR is a daunting task, and some companies might still feel that it is easier to bury their head in the sand rather than to invest the necessary resources to achieve GDPR compliance. However, failure to comply with the GDPR leaves organisations open to substantial fines. According to the ICO (Information Commissioner’s Office), this could mean a fine of up to €20 million, or 4% of your total worldwide annual turnover (whichever is higher).

Based on our experience, it is becoming clear that there is no ‘one size fits all’ approach to GDPR. However, there are a few common steps that all organisations should go through when embarking on the journey to GDPR compliance*.

Step 1: Understanding the GDPR articles

The inevitable first step in GDPR compliance is being aware of and understanding the key GDPR articles. There are many useful information sources out there, but a good place to start is the ICO website.  The most important at the outset is Article 5, which sets out the seven key principles of GDPR:  Lawfulness, Fairness and transparency, Purpose limitation, Data minimisation, Accuracy, Storage limitation, Integrity and confidentiality (security), and Accountability.

Compliance with these key principles is therefore an essential part of achieving good data protection practice.

Step 2: Conducting an Information Audit

In order to ensure that you are protecting your information according to the seven key GDPR principles, you first need to conduct an information audit so that you know exactly what information you hold. As part of the information audit, each organisation will need to look at how they collect, process, share, store and delete data.

Step 3: Creating an Information Asset Register (IAR)

Many organisations associate assets with IT equipment such as laptops and servers (i.e. physical assets).

However, it is crucial that organisations also keep a record of their information assets, to ensure that organisations understand what these information assets are, who are they shared with and how these assets are classified (e.g. OFFICIAL, SECRET, TOP SECRET etc).

An Information Asset Register (IAR) is a centralised repository which contains details of all the information assets held by your organisation. This can include physical assets (such as paper files) and electronic assets (such as spreadsheets) and includes a record of the data being held, and how you store, process and share it.

It is important to know and fully understand what information you hold in order to protect it and be able to exploit its potential. Therefore, creating an IAR is a vital first step to protecting your information assets, as required under GDPR.

Step 4: Data Flow Mapping

Another important step towards GDPR compliance is to understand how information moves through your organisation.

Expanding your IAR to include data flow mapping can help increase the visibility of data flows, which can reduce the risk (and magnitude) of data breaches. In the unlikely event of a breach, an organisation would be able to ascertain exactly what data had been compromised and take the necessary action to ensure that the breach is contained (thereby reducing any further financial or reputational damage).

Following steps 1 to 4 outlined above will not only assist your organisation with protecting its data, but it will also demonstrate to auditors and regulators that you have taken the necessary steps to protect the information that you hold.

How Technology can help….

Whilst it is possible to create and maintain your Information Asset Register (IAR) using spreadsheets and word documents, the real challenge comes from keeping the asset register up to date and ensuring a consistent quality of data. This challenge will only increase as data volumes grow, meaning that increasing numbers of organisations are looking for tools to automate this process. We believe that investing in an online IAR is vital to reducing the ongoing costs of information governance, improving data quality and proactively managing your information risks.

Many of our customers have been looking for a tool to help them align with the major GDPR principles. CoreStream’s Information Asset Management software (IAM) provides organisations with an online Information Asset Register to manage the end to end asset life cycle. It enables organisations to identify, understand and manage their information assets and flows, as well as any associated risks, breaches and actions. Our platform is intuitive, flexible and can be configured to meet our customers’ individual needs.

For further information on CoreStream’s Information Asset Register software and Data Flow Mapping capabilities, please visit our website. Alternatively, if you would like to request further information about our platform or arrange a demonstration, please contact Sophie Lis (sophie.lis@corestream.co.uk).

*This guide is purely for guidance purposes and does not constitute legal advice or legal analysis.

It has been another busy year for the CoreStream team. As we look back over the last 12 months, we have really enjoyed supporting and working alongside our new and existing clients, and are incredibly proud of the results.

Some of our key highlights for this year included:

• Helping our clients to adapt to the ever-changing regulatory landscape, with a particular focus on enhancing our Information Asset Management product to align with GDPR.
• Continuing to expand our platform with a range of new and exciting features, whilst maintaining our strategic focus on quality, flexibility and user experience.
• Moving to our new, larger office and welcoming a number of new members to our ever-expanding team.
• Our exciting new partnership with The Felix Project – a charity organisation which collects and delivers unsold fresh and nutritious food to those experiencing hunger, producing nearly 3 million meals per year.  We are proud to have helped by producing a bespoke risk management solution, allowing them to focus on their very important work in the community.

And the journey isn’t stopping there. The coming 12 months promise to be our busiest yet with exciting new projects and an extensive redesign of the CoreStream Platform on the agenda.

The CoreStream management team would like to wish all our clients a very happy and restful holiday period, and a successful 2019.

The Felix Project and CoreStream:

The Felix Project, a charitable organisation, collects and delivers unsold fresh and nutritious food to over 200 charities and schools. Producing nearly 3 million meals per year to those experiencing hunger, they have a valuable and positive impact on society.

We at CoreStream wanted to contribute to this worthy cause, so when we were approached by The Felix Project for help with risk management, we were only too glad to help.

Their key requirements were to:

• Spend less time managing potential risks;
• Improve risk visibility at all levels, up to and including the board; and
• Manage their risk mitigation actions in a central location.

Our bespoke Risk Manager helped solve these problems, and now The Felix Project can spend less time and effort managing potential risks and focus on helping the community.

We wish The Felix Project every success. For more information on their fantastic work, please visit: http://thefelixproject.org/.

If you would like to hear how we can benefit your organisation, please contact info@corestream.co.uk; or for more information on our platforms visit: https://www.corestream.co.uk/our-platform/.

With 2018 heading to a close at the digital age’s usual breakneck speed, we have been fortunate enough as UX designers and User Interface (UI) developers to be more involved than ever in the process of product design. Businesses now recognise the importance of audience research, A/B testing and pattern libraries when designing and constructing the best user experience. So equally, we must now recognise the importance of overall business realities in helping to determine where we should focus our UX energy.

Some of our latest developments at CoreStream have touched on the trends we have seen evolve in UX, including voice interactions and responses, such as in the Safety Step-Up App. Our incident reporting process in the app is currently voice driven and will soon become conversational as the system grows to be able to interpret what you are saying and ask follow-up questions. Longer term, this will move to another of 2018’s growing trends, Zero UI interfaces, by taking advantage of platforms like Amazon’s Alexa. Zero UI systems and other non-traditional interfaces such as Augmented Reality (AR) and Virtual Reality (VR) force us to rethink how we design user experiences and require an even broader understanding of our audience to succeed.

In our main platform, the new features are heavily focused on reacting to all we have learned over the years about our users and the right UX for them, taking care and time to make the input of information as frictionless as possible. Some of our clients require large, complex workflows, but equally require the same level of immediacy and ease of use they receive in other areas of their digital lives. This requires clever planning, action signposting and journey planning to allow us to improve our clients’ experience of our platform, while still providing the advanced features they need when they need it. A clean minimalist look, high-speed load times and informative motion are just some of the results we have achieved so far. We’re excited to see what challenges 2019 will bring us, and we will look forward to providing you with the latest updates.

Ben Gallienne
Head of Front-End Architecture

CoreStream is delighted to announce the release of a new version of Information Asset Manager to include Subject Access Requests.

What is a Subject Access Request?

The right of access, commonly referred to as a Subject Access Request, gives individuals the right to obtain a copy of their personal data as well as other supplementary information. It helps individuals to understand how and why you are using their data, and check you are doing it lawfully.

How can CoreStream help with Subject Access Requests?

Recital 59 of the GDPR recommends that organisations ‘provide means for requests to be made electronically, especially where personal data are processed by electronic means’.

CoreStream Information Asset Manager includes an online Subject Access Request form that enables individuals to submit Subject Access Requests to the Data Compliance Officer (DCO) for approval. If the DCO decides to accept the request, they can trigger the generation of tasks to the relevant Access Request Owners within the business to subsequently action (e.g. prepare data for sharing with the subject, data erasure etc.). The system then tracks the completion of tasks, and the closure of Subject Access Requests once all actions have been completed.

For Subject Access Requests received verbally or in writing, the system enables the requestor to select the mechanism for the request and upload evidence (if required).

What are the benefits of bringing Subject Access Requests online?

• Standardised online forms can make it easier for organisations to recognise a subject access request and ensures that the requestor can capture all the details you might need to locate their information.
• Reduces the ongoing cost of managing Subject Access Requests through a simple browser based interface.
• Allows for consistent reporting of Subject Access Requests, with real-time reports available at the click of a button.

On Wednesday 31st October, the CoreStream team attended the Digitech18 Conference in Leeds. The event brought together over 60 leading technology organisations, showcasing their products to Public Sector Organisations.  We were pleased to be able to demonstrate some of the key benefits of the CoreStream Platform to the delegates.  Some of the key themes were:

• Our ability to implement robust and mature solutions quickly and securely;
• The intuitive look and feel of the Platform; and
• The ability to provide real time reporting for senior management.

To find out how we can provide real benefits to your organisation, please contact us at info@corestream.co.uk

Cyber Essentials is a UK Government Scheme that helps organisations improve their online defences and guard against a whole range of the most common cyber attacks.

This reflects our ongoing pursuit of the most robust security standards and our commitment to protect our company, clients and partners.

The scheme ensures that, as an organisation, we meet certain security standards across a number of technical areas, including:

• Secure Configuration
• Access Control
• Malware Protection
• Patch Management

This is just one way in which CoreStream is continually reviewing and testing its security practices to be at the forefront of internet security.

For more information about the Cyber Essentials Government scheme, please visit: https://www.cyberessentials.ncsc.gov.uk/

On Monday, CoreStream moved to a newer and larger office in Marble Arch, London. Our new address is 25 Green Street, London, W1K 7AX.

Please update your address books!