270 likes | 405 Views
Privacy A Corporate Responsibility. Ronald Ross, CEO. Privacy A Corporate Responsibility. How bad it gets? Social and economic implications Legislations Challenges MSS and privacy Conclusion. Refreshing Statistics.
E N D
Privacy A Corporate Responsibility Ronald Ross, CEO
Privacy A Corporate Responsibility • How bad it gets? • Social and economic implications • Legislations • Challenges • MSS and privacy • Conclusion
Refreshing Statistics • The U.S. Federal Trade Commision’s Hotline received 445 phone calls per week in November of 1999 • By June 2001 the number rose to 1800 calls per week
Categories of Identity Theft • Credit Card fraud • Unauthorized Phone or Utility Services • Bank Fraud • Fraudulent Loans • Government Documents or Benefits • Other Identity Theft • Multiple Types
More Statistics Source: U.S. Office of the Inspector General, August 1999
Canadians Accessing the Internet Source: Industry Canada
Use of the Internet by Sectors Source: Industry Canada
Barriers to E-Commerce Development Source: Deloitte and Touche Source: Ekos Research Associates
Privacy Legislations • CANADA: • Personal Information Protection and Electronic Document Act, April 13, 2000 • U.S. : • Health Insurance Portability and Accountability, 1996 • Children’s Online Privacy Protection Act, 1998 • Gramm-Leach-Bliley Act for the banking industry, 1999 • Europe: • Data Protection Directive, 1995 • Telecommunications Directive, 1997 • Australia: • The Privacy Amendment Act, 2000 • Japan: • Guidelines Concerning the Protection of Personal Information Associated with Electronic Computer Data Processing in the Private Sector, 1989
Most Recent Developments • U.S.: • Federal Trade Commission will hold a workshop in December 2001 to assist companies with writing privacy policies that comply with Gramm-Leach-Bliley Act • October, 2001 - California Creates Identity Theft Law, Senate Bill 168 • Europe: • Anti Spam legislation • Echelon report accepted
Security and Privacy • IT Security and Privacy are closely related • Without proper security and security policies, the privacy cannot be enforced • Technology is just an enabler to protect the private information • People are managing the technologies and risks
Challenges • Complexity of the systems, including the OS. Microsoft Windows 2000 estimated to have 35-40 million lines of codes • Network configuration errors • Shortage of qualified IT security personnel and turnover • Costly to maintain in-house • Lack of funding • Human factor
Compliancy with the Privacy Act: Basic Questions • Do you have a Security policy in place? • Do you enforce your Security policy? • Do you encrypt all private and sensitive data? • Do you monitor any unauthorized access to private information? • How the cookies are handled in your organization? Who can access the cookies?
A Brief Introduction to JETNET • Founded in 1998 in Ottawa as a “JetForm Affiliate” • Design of International Deployment of VPN/FW • First mover in “Managed Security Services” • Recognized as a “Pioneer” by TeleManagement • Ottawa, Toronto Locations • 7/24 Internetworking Operations Centre (IOC) • JETNET is Canada’s leading Managed Security Services Provider • Impressive Customer List • Patent pending technology and service delivery
JETNET Technology Partnerships • Partnerships with the leaders in the security market • Best of breed technology offering
We Offer to You... • Focus • Our only offering is MSS (Has been for the last 3 years) • Track Record • “Blue Chip” Customers, Systems, People • Trust factor/Relationship has been established and maintained • Mature Offering • 3 Year design and development • Process Driven and extensive expertise • Investment in Infrastructure has been made • Annuity, High Leverage Model in a High Growth Market • Ability to compensate your team and deliver • Continued Support • Employees, Customers and Investors
JETNET Services • Managed Firewall • Managed VPN Branch • Managed VPN – Remote Access • Managed Radius Authentication Service • Managed Authentication – VPN • Managed Authentication – Web • Bundled Security Service – FW, VPN, FW/VPN • Professional Services • Vulnerability assessment services
JETNET Global Coverage - Coverage by countries
JETNET’s Technology Can Help To Safeguard Your Network • Security Activity Manager Collection Agent or SCA is an agent on a dedicated HW • SCA can securely track different events and log files within the LAN’s DMZ area • Top 10 Web sites reports • Top 25 Users • In-house developed or third party applications for monitoring privacy compliance can be deployed and alerts can be generated in a real-time
JETNET In-house JETNET In-house Business Models Comparison
Customer Deployment JETNET Intelligence JETNET Monitoring Customer Feedback JETNET SCA E-mail FW IDS JETNET IOC SAM VPN Device VPN GW Phone, pager JETNET – Customer Data Flow
Monitoring The Privacy Act Compliance • Privacy compliance audits • Recommendations/implementation for improvement, based on the results of audits • Proactive Managed Security Services – protect the networks • Managed applications inside the customer network (SCA) to monitor any unauthorized behavior and notify the customer
Conclusion “Technological advances have also facilitated ’identity theft,’ the availability and misuse of electronic account and personal information. Identity theft poses significant risks to financial institutions and individuals alike. The Internet is also engendering other bank-related frauds.” Statement of Charles L. Owens; Chief, Financial Crimes Section, FBI; in a hearing on Financial Instrument Fraud held by the Subcommittee on Financial Services and Technology; Committee on Banking, Housing, and Urban Affairs; U.S. Senate; Sept. 16, 1997.