Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
<Insert Picture Here>
The Data Opportunity: Using data for economic and social benefit – reaping the benefits while addressing the challenges.
Joseph Alhadeff/Vice President Global Public Policy, Chief Privacy Strategist Victoria Privacy and Security Conference 2016
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 2
Are You Capitalizing on the Data Opportunity?
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
(Don’t just assemble information, take advantage of it) 3
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
“People think we got big by putting stores in small towns. Really we got big by replacing inventory with Information”. Sam Walton
http://www.slideshare.net/monicamishra10/walmart-value-chainanalysis
Data-Driven Innovation
4
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 5
Creating Unique Data-Driven Value In A Unique Way
Datafy More Activities
Create Proprietary Data Assets
Use Data To Make Data
Achieve Network Effects
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 6
Data Liquidity
DATA CAPITAL
CHANGE THE BUSINESS RUN THE BUSINESS
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 7
Enterprise Big Data Architecture
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
BIG DATA MANAGEMENT
BIG DATA ANALYTICS
BIG DATA APPLICATIONS
BIG DATA INTEGRATION
DATA CAPITAL
Connect And Govern Any Data
Simplify Access To All Data
Discover And Predict, Fast
Accelerate Data-Driven Action
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 8
What is the value of data in context and application
Do you base your trust just on the sign?
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Infrastructure
Platform
Software
Data Lake
Hyper-Converged Compute, Storage, Network
On Premises Cloud
Public Cloud
Data Warehouse
Data Factory
Data Lab
Algorithms Analytics Applications
Hybrid Cloud
9
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 10
How to use data to drive organizational change
Understand the objective, it’s benefits and risks…
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Your operational challenges
Deliver new and better
services
Improve staff
development and morale
Cut service costs and
optimise budgets
Comply with
E-Gover nment policy
11
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Addressing those challenges
Flexible processes to deliver new services
quickly
Improve operational insight to drive
good governance Empower staff to improve efficiency
and morale
Streamline processes to reduce
service cost
12
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Challenges
13
Integration and support Time to value
Future scale in question
Loss of business opportunity Poor UX across channels
Static security model
Fragmented Solutions
Poor Digital Experience
TCO = Value
Onerous security implementation Lack of integrated
and closed loop processes Lack of accountability
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Copyright © 2015 Oracle and/or its affiliates. All rights reserved. |
Solutions and Connecting the Customer Experience
14
Engage candidates for future needs to best serve customers
Knowledge management Cross-channel contact Field service
Data management Cross-channel Individual campaigns Content
Sales automation Territory and quota Partner management
Storefront Experience Merchandising
Configure Price Quote
One integrated platform
Modern HR Service
Sales
CPQ
Commerce
Marketing
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Copyright © 2015 Oracle and/or its affiliates. All rights reserved. |
Providing the Platform of Change
15
INTEGRATION
ANALYTICS
DATA
MANAGMENT
MOBILE COLLABORATION
CUSTOM APP
SECURITY
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Example of Integrated Process
Airplane detects A/C malfunction: Determines 45- minute delay to fix
Pilot/airline approves
Passengers notified to arrive 45 minutes later
Repairs scheduled when plane lands on tarmac
Airlines alerts all technicians to check A/C units for similar planes
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Data drives Smart Cities…
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Solution for Cities That Want to Become Smart
• Integrated multi-channel services (self-service web/chat, email, local single number) delivery platform for 90%+ resolution of most government service requests
• Analytics for continuous improvement of service delivery, which services to prioritize, extend, consolidate or even discontinue
• Modernize IT infrastructure to enable integration and interoperability with the city’s existing siloed legacy IT infrastructure to enhance service delivery capability
ENGINE
COCKPIT
Fuselage
18
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Where do you need to improve?
• Meet key objectives and targets
• Measure performance against objectives and targets
• Enable citizens to help themselves
• Deliver seamless service across channels
• Remove service bottlenecks
• Understand and control the cost of service delivery
• Better access to information for staff and citizens
• Motivate staff to improve service levels and morale
19
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 20
Information Age Applications for Smart Cities
Financial Administration
Human Resources
Analytics
6
7
8
Governance, Risk & Compliance
9
IT Shared Services 10
External Groups 1
Single Point Of Access 2
City Operations 3
City Infrastructure 4
City Administration 5
0
Constituents
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Nervous System
• Smart Cities are more than arrays of linked sensors; they are like an organism's nervous system – an ecosystem that collects information across a variety of sources and processes it for multiple uses including making inferences from information and developing derivative as well as new information from those sources.
21
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
• Data is the connective tissue for reliable, timely, and integrated Intelligence
• Data has inherent value and when combined with other data
• New intelligence is the result of combining and linking this data together
• Must meet the demand of the data growth, analysis and actionable results
• Need to empower analysts, developers and data scientist to explore, test and evaluate with ease and speed
• Must address the complex legal, commercial, and privacy rights issues governing data usage
Governments and the Private Sector use data to drive their missions and need to overcome many of the same challenges
Data Driven Intelligence
22
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
The Security and Privacy Paradigm
Privacy and security are closely related and context dependent. Security is closer to an absolute with variance in risk tolerance where privacy is more subjective in personal definition and application. Both concepts are screaming stop and walk away…
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Not just more security, adaptive security…
•Security that can dynamically adapt to shifting context and risk… •Driven from the data layer and leveraged across the stack •While relying on integrated identity management •Supported by access controls, audit and real time notification
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Risk-Aware Security
• Username and password are correct but is this really Mary?
• Is Mary doing anything suspicious?
• Can Mary answer a challenge if the risk is high enough?
Fraud Prevention Secure Login
Challenge
or Block
Model Risk
Evaluate
transactions
Analysis and
Forensics
Detect Anomalies
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Real-Time Identity Theft + Fraud Prevention
Where a User Is (Geo-Location)
What a User Does
(Behavior Pattern + Profiling)
What A User Has
(Device Fingerprinting)
What A User Knows (Pin, Password,
Challenge Questions)
Users
Merchants
Admins
Custom Applications
Portals
Business Applications
User
Location Device
Adaptive Access Control
26
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Real-Time Identity Theft + Fraud Prevention
Computed Risk Score
Users
Merchants
Admins Custom Applications
Portals
Business Applications
Allow
Block
Challenge
Alert
27
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Oracle Identity Management
28
Secure Hybrid Identity Solution
Leverage security investment
Manage cloud/enterprise access Address regulatory compliance
Securing Digital Transformation
Enable digital business
Multi-channel user experience Contextual risk-aware security
Open, Scalable and Agile
Rapid time-to-value
Cloud architecture scale Standards and APIs
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
IDENTITY
MANAGEMENT
EVOLUTION
DIRECTORY: Consolidating Authoritative Sources
ACCESS: Attribute Based Access Control and UAAS Federation
GOVERNANCE: Enforcing Least Privilege and Addressing the Insider Threat
Enterprise Cloud Mobile
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Current Community Challenges
Authorization Beyond Identities & Roles
Address the Insider Threat
Extend Security Infrastructure to Remote Sites
Ensure Alignment with Community Cloud
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
How Can These Challenges Be Addressed?
Fine Grained Access with ABAC
Profile and Behavior-based Access
Leverage UAAS Federation and Attribute Sharing
Employ Industry Vetted Security Standards and APIs
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
*7#$%!!@!%afb
##<>*$#@34
Data Encryption
Key Vault
Key Vault
Data Redaction dob:xx/xx/xxxx
ssn:xxx-xx-4321
Applications
Users
CX App
DB Controls
Access denied
Date of Birth
SSN Privileged Users Privileged
User
32
Protect Databases from Attacks
Region, Year
Size-based
Data Subsetting
Dev/Test Partners, BI
dob: 12/01/1987
Data Masking
11/05/1999
xxxxxxxxxx
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Audit Data
Audit Data, Event Logs
33
Audit, Monitor, and Detect
Database Firewall
! ✔ Users
SYBASE
Policies
Reports
Alerts !
Network Events
Applications
Audit Vault
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 34
SECURITY INSIDE OUT Security close to the data eliminates guesswork, maximizes performance with application transparency
ENTERPRISE SCALE DEPLOYMENTS Across multiple systems: operating systems, heterogeneous databases, applications, …
Security From The Ground Up
DEFENSE IN DEPTH Layered overlapping controls with encryption, masking, auditing, monitoring, access control, redaction, …
CONTINUOUS INNOVATIONS Transparent Data Encryption, DBA Control, Redaction, Privilege Analysis, DB Firewall, RAS, Cloud, …
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Defense-in-Depth for Maximum Security
Activity Monitoring
Database Firewall
Auditing and Reporting
DETECTIVE
Redaction and Masking
Privileged User Controls
Encryption
PREVENTIVE ADMINISTRATIVE
Sensitive Data Discovery
Configuration Management
Privilege Analysis
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Risks for Databases in Cloud Risk Mitigation
Sensitive data exposure on test/dev/partner Mask and subset before moving to cloud
Loss of clear-text data Encrypt data by default
Block access to encryption keys Control keys with on-premise Key Vault
Block access by the cloud DBAs Restrict DBA access with Database Vault
Monitor Database activity Audit and monitor with on-premise Audit Vault and Database Firewall
36
Address Cloud Database Security Challenges
Maintain Control and Visibility
* Work in Progress
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
First, know your own system… some highlights… • Identify business goals and objectives
• Understand and optimize processes and workflows for the applicable operational and technological environment
• Generally understand the nature of the data and the resulting risk both to the enterprise and the end user/data subject of a compromise of the data
• Associate roles and privileges to those persons who will access data and assure that they are trained and accurately maintain roles and privileges as they change and apply appropriate separation of duties…
• Identify risks/threats, determine acceptable risk and mitigate risk to acceptable levels
• Security lifecycle management, training, incidence response, business continuity…
37