Upload
summit-nmims
View
238
Download
1
Tags:
Embed Size (px)
DESCRIPTION
SummIT, The Technology cell of SBM NMIMS, Mumbai presents its January 2015 edition of its newsletter - Ideate!!
Citation preview
TRANSFORMING BUSINESS DEVELOPMENT
SummIT—THE TECHNOLOGY CELL, NMIMS
IDEATE JANUARY 2015
EDITOR’S NOTE
TEAM SUMMIT
President
ARJUN KRISHNAN
Vice President
PRATYUSH PANDA
Creatives Head
MEGHNA GUPTA
Editorials Head
VIBHU VATSALA SOOD
Events Head
RIDDHI KUNDU
New Initiatives Head
TARUN GUPTA
“Privacy is one of the biggest problems in this new electronic age”
—Andrew Grove, Former CEO, Intel.
Dear Readers,
In today’s Internet of Things, we are more connected than ever
before. However, “WE ARE BEING WATCHED”. The data we put
on the Internet isn’t so secure and private after all! In this edi-
tion, we explore the intriguing trade-offs, which the technologi-
cal community strives to achieve between surveillance technol-
ogies and privacy.
SummIT- The Technology Cell of NMIMS, presents to you our
January newsletter ‘IDEATE’ on the theme “Data privacy – The
price we pay for technology”. This edition includes an exclusive
chat with Mr. Prakash Baskaran, CEO, Pawaa Software, focusing
on data security as a service and Pawaa’s work in the realm of
Information Rights Management. Also, we bring to you, the two
best articles on the cover theme selected from amongst the
huge number of entries received from business schools across
India.
It is our constant endeavour at SummIT to keep our readers
abreast with the latest technological innovations that have the
potential to make an impact in the coming future. The
Techbytes section looks at two such disruptive innovations De-
tekt and Rico. To promote and honour the spirit of entrepre-
neurship in technology, in this edition, we take a closer look at
two startups – Pawaa and Bitglass.
We thank the authors and the esteemed guest for their valua-
ble contributions. We are also grateful to our readers’ constant
patronage which has encouraged IDEATE to reach new heights.
We would love to hear from you, for any feedback or sugges-
tions, please feel free to write in to us at [email protected].
Enjoy Reading!!
-The Editor, iDEATE
IDEATE JANUARY 2015
WHAT IS IN STORE...
PRIVACY : THE PRICE WE PAY FOR TECHNOLOGY
PAWAA SOFTWARE : CHAT WITH THE CEO
TECH BYTES
STARTUPS
GOVERNMENT SNOOPING : JUSTIFIED?
CEO, Pawaa software
IDEATE JANUARY 2015
TECH CHAT WITH PRAKASH BASKARAN
INTERVIEW
1
Tell us something about yourself.
I come from a family of traders and we
have traditionally been in business. Per-
haps in some sense, I was a black sheep of
the family. I studied engineering unlike
others in the clan, and went on to do Mas-
ters from US; I also worked for large cor-
porations like IBM, Lucent and AT&T.
I later drifted into providing technology
consulting; I joined a company called
Xcelerate that provided consulting to start
-ups in getting into the B2B marketplaces.
The job was to consult with my start-up
customers in investing in off-the-shelf
products or developing their own market
place. That is when I was first introduced
to the exciting world of start-ups.
After 3 years at Xcelerate, at the peak of
the internet boom, I started my first com-
pany, which provided the same technolo-
gy consulting services. After the bust of
B2B, I went to do an MBA in 2001 and
then ran a small healthcare lab.
A couple of years later, I shifted back to
India. My next initiative was in the HR
space for creating platform and standards
to streamline online recruiting. Later, I
started a company to offer calling services
using Voice over IP to leverage the cost
arbitrage from India. I ran this for about
4-5 years.
"Mr. Prakash Baskaran has been a serial entrepreneur. He started his career working with
giants like IBM, AT&T and later forayed into the world of startups working with several
companies in different domains before starting his own venture in the techspace to deal
with data security.
SummIT is glad to present the highlights of the interview with Mr. Baskaran on Pawaa.
IDEATE JANUARY 2015
INTERVIEW
2
You might wish to call me a serial entre-
preneur, because next I went on to start a
company, which was neither geograph-
ically dependent, nor vertically focused. I
always wanted to create something that
had a much wider applicability like data
security. That was a ‘voila’ moment and I
started Pawaa.
With proliferation of web connected de-
vices and smart components generating
too much data, security is going to be-
come very important. Information securi-
ty is tied to devices; the content largely is
still insecure. With mobility, Internet and
cloud, data security is imperative. Howev-
er, we cannot view security in isolation;
there is so much to it in terms of network
security, device security etc. Just securing
devices is not enough, we need to be
able to secure content and that is just as
significant.
Why does IRM – Information Rights
Management face resistance?
The traditional paradigm of IRM was to
tightly integrate the four aspects of au-
thentication & authorisation, encryption
& decryption, policy management and
policy enforcement. This old-fashioned
way has to change. With our approach,
we can authorize the user based on any
type of authentication source – OAuth
(google, yahoo, live, box, etc.), AD/LDAP,
OTP (one time passwords), Secure tokens,
device ids, certificates, among other
means; thus obviating need for maintain-
ing multiple identities.
Why is IRM not very popular?
IRM, due to its faulty development has
not been well received by customers.
Microsoft requires one to authorize
against Active Directory. For instance, Mi-
crosoft forces one to use document types
from their ecosystem. Consider if your
organization is using Google Apps for mail
and OneDrive for cloud storage, what is
one supposed to do in that case.
The tight integration of authentication &
authorisation, encryption & decryption,
policy management and policy enforce-
ment, is undoing the IRM software. This
compels people to maintain multiple
identities, limits the use cases, limits the
supported applications and eventually
creates a Snowden situation within any
organization. With our approach, we can
support multiple types of file transac-
tions, since the four components are
IDEATE JANUARY 2015
INTERVIEW
3
loosely connected. By late binding the pol-
icy to the encrypted objects to the four
aspects of IRM, true flexibility can be
achieved. This allows protecting email
attachments, files that are stored and
shared via cloud storage, files that are
downloaded from content repositories
and reports that are generated from en-
terprise and cloud applications.
What is Pawaa’s vision for future of IRM?
The platform that we have created has
given birth to many products and solu-
tions. SecurelyShare – our hosted ‘Data
security as a service’ is one such solution
built on top of our own technology
platform. This will separate identity man-
agement from key management. Secure-
lyShare allows us to authenticate with any
service provider’s authentication system –
say a cloud service provider or an email
service provider. Our hosted solution has
‘time limited’ passwords delivered via au-
thorized users email address as a means
to authenticate & authorize the users.
Besides this, large corporations have tradi-
tionally used IRM. We want to extend the
reach of IRM to Small and Medium Enter-
prises and Professional Consumers
(Prosumers, so to speak). By launching Se-
curelyShare, we hope to offer Data Securi-
ty as a service, which is an extremely easy
way to secure your data and share with
only authorized users. Another example
that demonstrates the ease of use of our
technology is our integration with cloud
storage providers. With pawaaBOX, we
have introduced one-touch encryption/
decryption. The content is automatically
encrypted before it touches the network
and the cloud – be it Dropbox, Google
Drive, Box or One drive. Only an author-
ized person can then access the content,
by authenticating against the identity
management of the cloud service
provider.
How large is the IRM market and can it
grow?
While it is difficult to estimate the Mi-
crosoft market, since it is bundled with
software, it is safe to say that the present
market is around $ 100 million for other
IRM vendors put together.
However, the potential for IRM is huge.
Just the password protection of PDF docu-
ments could be multi-billion dollar indus-
try. Not much innovation has happened in
this field here. Today’s solutions cannot
offer the level of ease the password pro-
tected pdf offers. With our approach of
no identity management, we can poten-
tially provide a much stronger security al-
ternative for password-protected pdf.
Besides, cloud computing offers tremen-
dous role for IRM when data moves from
one device to another, to the cloud and to
the collaborators.
It is hard to imagine what Edward Snow-
den was thinking during his flight to Hong
Kong from Hawaii. He was carrying four
laptops, which would allow him to access
highly classified documents of the super-
secret spy agency of the US Government,
the National Security Agency (NSA). As
Guardian Journalists, Ewen MacAskill and
Glenn Greenwald and documentary film
maker Laura Poitras debriefed Snowden,
they realised this was not a normal scoop.
The whistle-blower changed the world’s
perception of technical surveillance and
brought back the focus on the unresolved
questions – Is all this Spying justified? Is it
legal? Is individual privacy so easy to
breach?
Both the NSA & GCHQ (UK Technical Intel-
ligence Agency) along with other allied
intelligence agencies have developed a
Global Surveillance System. A clandestine
mass electronic data mining programme
called “PRISM” was created by NSA post
9/11 .Telecom giants like Verizon, Voda-
fone and others have been forced to part
away with data about their customers to
US Government by Federal Court Order
under FISA (Foreign intelligence Surveil-
lance) Act. Internet giants like Google, Ap-
ple, Facebook, Yahoo & Twitter have re-
ported increasing requests from US Gov-
ernment. Government surveillance
through tech companies is not a new phe-
nomenon.
GOVERNMENT SNOOPING: JUSTIFIED? —Ravi Singh, SBM NMIMS
ARTICLE
4 IDEATE JANUARY 2015
What has changed is the magnitude of da-
ta being stored and the way it is being ac-
quired.
Most of the internet giants and their serv-
ers are located on the US soil. Major Glob-
al undersea communications cables pass
through landing stations in US or their Eu-
ropean Allies. A large amount of global
electronic communication flows through
these servers and cables. The surveillance
program has been sweeping through in-
ternet - Meta data of millions of internet
users irrespective of their nationality. As
per leaked internal documents, the NSA
has used backdoors planted in software
and hardware to access private data with-
out warrants. Zero-day vulnerabilities are
very hard to detect and can be exploited
for a very long time before being fixed.
Further, GCHQ the UK counter part of NSA
has, as per leaked documents, manually
tapped into undersea cables of Reliance
Communications and other players, to ac-
cess data coming from Asia, Africa & Mid-
dle East.
Although surveillance of foreign govern-
ments, institutions & individuals is legally
allowed, warrantless surveillance of their
own people has shocked US citizens. Us-
ing a backdoor search loophole in existing
laws, NSA was allowed to use Google type
system to search information about US
citizens from centralized databases. This
was done by using section 702 of FISA
Amendments Act, which allowed surveil-
lance without individual warrants if both
targets were foreign. However, this was
not the case and many times data about
US citizens were illegally stored and ac-
cessed.
The mass surveillance programmes have
infuriated not only US/UK citizens but also
their allies. GCHQ had allegedly also
hacked into G20 meetings held in 2009 in
London. It was also alleged that NSA had
hacked into German Chancellor and Bra-
zilian President’s personal phones. All this
has critically damaged US/UK relations
with other countries.
People today are more wary of US tech
giants who cannot be trusted with their
personal data. There has been a global
backlash against technology products,
which are ‘Made in America’. Countries
today are encouraging regional online
traffic to be routed locally rather than go-
ing through USA, which could affect tech
giants in Silicon Valley.
Government snooping in not so demo-
cratic countries is an open secret with on-
ly unofficial information being available.
Without oversight and checks-and-
balances intelligence gathering is prone to
abuse by the powerful. The Chinese Gov-
ernment had used censors to prevent its
own citizen from accessing available infor-
mation to innocuously prevent ‘Rumours’
ARTICLE
IDEATE JANUARY 2015 5
from spreading and causing
‘Destabilization’. Many countries on the
other hand have never publicly declared
that they gather Technical Intelligence
through information interception, which
by their own laws is illegal.
Even intelligence services in democratic
countries have been caught using surveil-
lance systems to monitor internal dis-
sents, political developments and person-
al lives of citizens, as per the orders of
their political masters.
In spite of being at the receiving end of
the mass surveillance programs, Indian
Government has reacted in a restrained
manner. Part of this reaction could be re-
lated to surveillance programs currently
running in India and partly because after
facing multiple terrorist attacks, India re-
alizes the necessity of this electronic intel-
ligence gathering.
Since 2005, as Indian intelligence agencies
started catching up with the technical rev-
olution, they acquired capabilities to
intercept telephonic conversations,
smses, chats, e-mails and other internet
communications. In response to threat
from global terrorists, the government es-
tablished National Technical Research
Organization (NTRO), which is India’s NSA.
With increasing capabilities, the govern-
ment today has a vast pool of data at its
disposal with little legal guidelines for
analysing it without violating an individu-
al’s right to privacy. NTRO and host of oth-
er intelligence agencies have themselves
been monitoring Indian citizens through
Telecomm companies in every major city.
In case of Blackberry where the Intelli-
gence agencies were not able to crack the
encryption, the company was forced to
keep their servers in India and route their
traffic through them, allowing the govern-
ment to snoop into the encrypted mails.
ARTICLE
6 IDEATE JANUARY 2015
The most intrusive system under their ar-
senal is an off-the air CDMA/GSM moni-
toring device which can be used for
“fishing expeditions” under Project “FOX”.
It allows the user to grab any telephone
communication off the air in a 2km area.
The device hooks on to the phone and al-
lows tracking, bypassing the telephone
companies.
In response to 26/11 attacks, Dept. of Tel-
ecommunications announced in 2012 that
a Central Monitoring System (CMS) will be
setup for “lawful interception & monitor-
ing”. It is not clear, but highly likely that all
the intelligence agencies in India will be
able to access this system. Issues in de-
cryption and lack of VoIP tracking capabil-
ities have delayed the project.
Article 21 of the Indian Constitution says
that – “You cannot do anything that in-
vades the life and liberty of people”. The
Indian Telegraph Act (1885), the Indian
Telegraph Rules (1951) and the Infor-
mation Technology Act (2000) provide the
legal basis for interception. The law co-
vers threats to critical infrastructure, in-
ternet privacy, and gives a detection and
response framework. However, none of
the existing laws provides legal oversight
for Project Fox or an all-intrusive surveil-
lance program under CMS. Absence of da-
ta detection laws means that there is no
clarity on how the information is collect-
ed, stored, who accesses it and how long
will it be retained.
In a world filled with threats for a nation
from other nations, terrorist organiza-
tions, sometimes from within – spying will
continue. In the intelligence game, “The
successes are not known, but the failures
are”. It is without doubt that the threats
to the free world are increasingly using
the latest technology to instruct, com-
municate, disseminate propaganda and
planning increasing magnitude of attacks.
Technical intelligence capabilities of any
nation is the first line of defence to pre-
vent such attacks. There cannot be 100%
privacy for any individual today. In such a
scenario, existence and even necessity of
technical surveillance of electronic com-
munications should not come as a sur-
prise.
However, as the world is becoming more
and more connected, technology has
made it possible for government or even
individuals to access private information
of almost anyone who is on the internet.
Even in liberal democracies, governments
are urging citizens to place their faith in
all-encompassing surveillance programs.
The civil society has just realised this and
in India, despite the NSA leaks, there has
been no concrete discussion. To this day,
there is no international law to act as a
IDEATE JANUARY 2015 7
ARTICLE
guide for legal snooping by governments.
Every country has its own laws based on
their requirements, which are prone to
misuse.
There has been a lack of will among po-
litical class to bring surveillance programs
under political oversight. US Senate re-
cently rejected USA Freedom Act, a bill
introduced in 2013, after the Snowden
leaks to end the NSA’s ongoing daily col-
lection of practically all US phone data. In
India too, there is no law governing intel-
ligence agencies like RAW and NTRO.
Governments are not sure where to draw
a line between protecting their citizens
and violating their rights. The Snowden
leaks has made us realize that it is time
we decide where the line is and make
sure that government across the world
follow the rules. If we do not then soon,
privacy might just become a thing of the
past.
References
Guardian Newspaper : Edward Snow-
den Files
Takshashila Institution : Discussion on
India’s Central Monitoring system, By
Rohan Joshi
A Fox on a Fishing Expedition : By
Saikat Datta, Outlook Magazine, May
RAVI SINGH
Ravi Singh is a Second Year
(Marketing) student at SBM
NMIMS, Mumbai. His hobbies in-
clude swimming, reading and fol-
lowing technology news.
8 IDEATE JANUARY 2015
ARTICLE
IDEATE FEBRUARY 2015 5
With the advent of technology, the world
has advanced by leaps and bounds. Per-
sonal computers, laptops, tablets,
smartphones and the social media have
proved the term ‘The world is a small
place’ correct. However, there have been
incidents like ‘The Celebgate’, ‘The Fap-
pening’, the ‘Sony Pictures Entertainment
Hacking Scandal’ and the ‘Microsoft Xbox
Live and Sony PlayStation online attack’
incidents. These incidents have raised se-
rious concerns regarding the privacy of
data. Hacking groups like the Guardians of
Peace, Anonymous, The Blackhole cyber-
crime gang and The Lizard Squad have
brought the vulnerabilities of the digital
age to the forefront. As modern technol-
ogy becomes more and more intertwined
with our lives, it has the tendency to influ-
ence us in undesirable ways. We live in a
surveillance society. Greatest privacy inva-
sion is our cell phones, which disclose our
personal details to the rest of the world,
without our knowledge.
Current Scenario
Every day we are submitting some infor-
mation or other in the digital space. But is
our privacy being breached? Digital ex-
perts across the planet have been increas-
ingly vocal in favour of some legislations
or regulations, which ensure the security
and confidentiality of the collected data.
PRIVACY: THE PRICE WE PAY FOR TECHNOLOGY —Debroop Banerjee, SBM NMIMS
ARTICLE
IDEATE JANUARY 2015 9
IDEATE FEBRUARY 2015 6
However, it is extremely difficult to bring
homogeneity across various legislations
and countries. Data theft incidents as well
as government snooping is on the rise.
Some of the major concerns regarding da-
ta privacy are-
Cookie Profiling- It is the process by
which marketers purchase the rights from
a website to track a user’s activities
online. Whenever a user visits a website,
a cookie is stored in the user’s device
through which the user’s device can be
uniquely identified. The cookies track all
the websites the user visits, which helps
the marketers identify the user’s age,
marital status, political and religious incli-
nations. Accordingly, advertisements are
displayed to the user. Though this is done
anonymously, the entire process is un-
known to the user.
Social networking sites like Facebook,
Google+ and Flickr are some of the big-
gest facilitators of this kind of security
breach. Facebook stores two types of
cookies in the user’s device, which lets
them, track the user’s activities both
online, as well as offline. Other than this,
the ‘Like’ and ‘Share’ buttons help Face-
book keep a track of the user’s activities
and passing them on to relevant advertis-
ers. Facebook has already been involved
in numerous controversies because of
storing and sharing user’s information
without their consent. In 2012, the Euro-
pean Union came up with ‘Data Protec-
tion Regulation’ in response to such grow-
ing concerns about cookie profiling and
internet privacy.
Location Tracking- The cellular network
service providers record the location of
users but those are shared only with the
Police or Governmental Agencies as and
when mandated by court orders. Howev-
er, with the advent of smartphones and
apps, the location of a user is easily avail-
able to third parties without the assent of
the user. For example, Apple’s I-Phone has
been widely criticized for its feature to
store user’s location in a secret file. The
record includes the latitude and longitude
of the user along with the timestamp.
This allows the user’s location to be moni-
tored on a continuous basis. Similarly,
Google’s “Latitude” feature was criticized
due to similar privacy concerns. Google in
its defence claims that it is a feature,
which the user himself/herself assigns.
Apple proved its legitimacy by displaying
the 15,200-word T&C document, which
users need to accept before using Apple
products. Apps like Angry Birds too store
the user’s location. These things are a se-
rious threat to one’s privacy. The only
blessing in disguise has been the arrest of
dreaded criminals like Rodney Knight and
ARTICLE
IDEATE JANUARY 2015 10
Maxi Sopo, who could be traced because
of such location tracking services.
Cloud Computing- Cost efficiency and
flexibility are the two main advantages
that cloud computing offers. However, it
also has disadvantages like network
latency and security concerns. Ever since
the Edward Snowden incident, there have
been growing concerns regarding security
over cloud networks. There have been
allegations of The US government spying
on the cloud networks of both
government and private organizations of
other countries. The leakage of 5 million
Gmail passwords as well as incidents like
The Celebgate and The Fappening, have
raised several questions over the security
and privacy of cloud storage. Dropbox, a
pioneer in cloud storage has been
involved in several controversies, ever
since its inception. Bring Your Own Device
(BYOD) policies encouraged by many
companies these days, pose great
challenges to security and confidentiality.
In addition, the challenges of imposing
cyber laws on cloud computing are sever-
al.
Employee Monitoring- This is another
case of privacy intrusion. Monitoring
emails, duration of breaks, etc. are prac-
tices adopted by companies to increase
employee productivity. However, they
lead only to increased levels of work
stress and demoralize the employees.
Companies like Dow Chemicals Company,
The New York Times, IBM and AT&T have
fired employees whom they have found
to be less productive using their respec-
tive monitoring techniques. Such inci-
dents have drawn sharp criticism from in-
stitutions like The American Civil Liberties
Union and National Work Rights Institute.
Monitoring software like Assentor and key
loggers are being used by more and more
organizations. The usage of CCTV’s and
monitoring telephone call records are also
on the rise.
Facial Recognition Data- around 300 mil-
lion photos are shared on Facebook every
day. These innocent posting and tagging
of pictures paves way for the creation of
“faceprint” databases. When someone
tags his/her friend, Facebook uses those
tags to create a detailed “Faceprint” of
how people look from different angles.
This data is mostly used for security pur-
poses by the country’s security agency. It
ARTICLE
IDEATE JANUARY 2015 11
IDEATE FEBRUARY 2015 6
It is used to keep a check on criminals,
citizenship applications and give security
agencies a wider range of images other
than documents like the driving license,
social security number, etc. This data, if
made available to third parties could pose
serious security concerns. Like someone
once said- “When you are online, you are
no longer private”. Not only Facebook,
companies like Apple and Google have
developed apps based on Facial Recogni-
tion Data. The data collected through face
scan can be passed onto surveillance
drones, and other surveillance technolo-
gies, which will help in identifying people
within a crowd. Thus the larger the scope
it creates for technology to invest upon,
the more it adds to the vulnerability of
the user’s privacy.
Government Snooping- The government
of a country is faced with the tough
choice between guaranteeing the security
of its citizens and ensuring their privacy.
The United States of America is the pio-
neer in this field. Project Shamrock and
Project Minaret were some of their earli-
est spying ventures. Currently, The Na-
tional Security Agency (NSA), along with
the FBI and CIA are responsible for the
country’s security. However, there have
been several allegations against them.
The WikiLeaks incident brought the entire
incident to the forefront. Whistle-blowers
like Edward Snowden and Julian Assange
were victimized, but their revelations
have been proved to be true. The NSA has
also been alleged to have spied upon The
Pakistan People’s Party, The Bharatiya Ja-
nata Party (India) and Egypt’s Muslim
Brotherhood.
Addressing the issues- Companies like
NetSuite, Cisco and Akamai Technologies
are looking at ways to allay the fears of
digital espionage of their customers. In
order to protect their profit margins, they
are constructing data centres outside US.
Recently, Apple pushed out its first-ever
automated security updates to fix security
vulnerabilities in the network time proto-
col (NTP) of it OS X operating systems.
Blockchain, the bitcoin wallet provider
has beefed up its online security ever
since the “private keys” incident occurred.
SpiderOak, another US-based cloud ser-
vice provider restricts access to user
ARTICLE
IDEATE JANUARY 2015 12
data by using client-side encryption key
creation and encrypted cloud storage.
However, the USA has about 20 sector
specific or medium specific national pri-
vacy or data security laws and hundreds
of such laws among its 50 states.
(California alone has more than 25 state
privacy and data security laws), these
laws are yet to be executed well and are
full of loopholes. The US is also trying to
mitigate growing security concerns by
promoting secure mesh networks to foil
digital spying. In India, The Information
Technology Act, 2000 and The Privacy
Rules, 2011 aim to tackle such security
risks.
Conclusion- There have been numerous
debates on the issue of privacy since
long. With Facebook and Google facing
resistance in China, things have taken a
political turn. The Dutch Data Protection
Agency is planning to impose a fine to
the tune of $18.6 million on Google on
charges of violating the privacy of Dutch
citizens. The Sony Pictures Entertain-
ment leak has led to increased tensions
between The US and North Korea.
There is a continuous debate on how
much to share and what to share.
Though marketers feel that using user
data helps them serve the users better,
pro-privacy supporters believe that the
users’ consent is mandatory. Involving
the citizens in decision-making, enforc-
ing stricter and ethical laws and mutual
trust and co-operation between nations
are the only way forward in this digital
age.
References
https://theoldspeakjournal.wordpress.com/tag/illegal-surveillance/
http://www.edrm.net/resources/data-privacy-protection/data-protection-laws/
DEBROOP BANERJEE Debroop Banerjee is a First Year
student at SBM NMIMS, Mumbai.
Prior to joining NMIMS, he was
working with Tata Consultancy Ser-
vices Limited. Travelling, reading
and exploring new places are a few
of his hobbies.
ARTICLE
IDEATE JANUARY 2015 13
Communication surveillance technologies
are being adopted in increasing numbers
by governments, corporations and indi-
viduals. Such spyware helps to eavesdrop
on VOIP conversations, read personal
mails and provides unauthorized access
to users’ documents. Some of this soft-
ware are widely available on the Internet,
while some more sophisticated alterna-
tives are made and sold by private com-
panies based in industrialized countries to
state law enforcement and intelligence
agencies in countries across the world.
Repressive governments and organiza-
tions are using them for serious human
rights violations and abuses, as there are
hardly any laws to regulate the usage of
such technologies.
Detekt is the invention of an Italian secu-
rity researcher, Amnesty International,
the Electronic Frontier Foundation and
similar groups in England and Germany. It
works like an antivirus. It tells the user if
his/her machine has been infected with
malware that many government-
sponsored hackers are known to use to
spy on activists and journalists. The Ethio-
pian government for example, has been
cracking down on bloggers by hiring pro-
fessional hackers. Ethiopia has jailed sev-
eral such critics and journalists. Their sur-
veillance is widespread: people with Ethi-
opian ties around the globe, have discov-
ered this kind of spyware on their home
computers. With the help of FinFisher
spyware, Ala'a Shehabi, a British econo-
mist in Bahrain, was arrested during the
country's lethal military crackdown on
pro-democracy protests during the Arab
Spring in 2012. The Chinese government
too is accused of spying on its citizens'
online activities.
Detekt spots different types of malware,
used by governments worldwide. Since
Detekt is an open-source tool, anybody
can contribute and build upon it further.
It can also be used free of cost by anyone.
DETEKT
TECHBYTES
IDEATE JANUARY 2015 14
RICO
Rico is a new smart-home security de-
vice, which uses old spare smartphone
for providing home security features us-
ing the phone's capabilities. The device
works in conjunction with the Rico app
which needs to be downloaded on the
phone. Currently the Rico device housing
the phone, supports phones with screen
sizes 4.5" or smaller and running an op-
erating systems such as Android 2.2/iOS
6 or higher.
The Rico unit is connected to a wall sock-
et and the cables inside the house en-
sure that the device is always charged
up. This hybrid device uses the camera
and the processing capabilities of the
smartphone to stream live video of one’s
office or home via the app for remote
viewing. This service is supported on
cloud servers hosted on Amazon web
services. The device has inbuilt sensors
to monitor temperature, air quality,
noise levels and motion. Information and
alerts are also sent to users via the cloud
service for warning about irregular
changes in motion or other variables in
the home environment.
The Rico device is supported by Rico
Smartsockets. On plugging the home ap-
pliances into these sockets, one can con-
trol their functioning like turning on/off
electrical appliances. Thus, Rico provides
a convenient and innovative way to stay
connected with one’s home on the go
and helps track its security.
TECHBYTES
IDEATE JANUARY 2015 15
In today’s world Data Leak Protection
(DLP) is a vital Technology which is in high
demand. There are several sophisticated
DLP technologies available in the market .
However , organizations are now looking
beyond simple DLP mandates.
Pawaa Technologies, based in Bengaluru
is one such company. Identified by
the .paw extension , it has come up with
its own secure File system . Encryption is
easy, since Pawaa’s file encryption tech-
nology is delivered in SaaS model.
Pawaa’s file encryption seems to be app-
based solutions of corporations , requir-
ing minimal configurations during start
off.
Gmail users can use Pawaa with great
ease. It uses one’s Gmail user-id and
password to authenticate the credential
and grant access. The person sharing the
document can control permissions for the
document . Beyond a pre-configured
expiry date, the document can no longer
be opened. Pawaa integrated its software
with Gmail to display the ease of use.
Founded by Mr.Prakash Baskaran, Pawaa
started as a DLP company in 2006. How-
ever they quickly realized that DLP dint
have wide applications and the focus
turned on carrying security and encryp-
tion to the document/file levels. Currently
Pawaa boasts of over 100 plus enterprise
clients. They have also won several acco-
lades like The RSA Top 10 Most Innovative
Companies (2011) , DSCI Excellence
Award(2012) and Deloitte Technology
Fast 50 India Awards (2012,2013). It also
was selected for the Cisco Entrepreneurs
in Residence Program(2014). Going by its
track record, Pawaa is expected to take
the Data Security market to greater
heights!!
PAWAA
STARTUPS
IDEATE JANUARY 2015 16
BITGLASS
As cloud computing is gaining popularity,
many businesses are using multiple cloud
services to handle a myriad of business
operations. But as evident from recent
examples of i-Cloud and Dropbox, even
the cloud data are not safe today. To
tackle this issue, there has been a growth
in Online Security companies offering a
variety of data security and protection
services.
Bitglass is a Silicon Valley start-up found-
ed in 2013 with an aim to provide cloud
security and data protection. It is a Cloud
Access Security Broker that delivers inno-
vative technologies to deliver total data
protection for enterprises in cloud, on
mobile devices and on The Internet.
Bitglass proxies all enterprise traffic into
and out of protected cloud applications.
A series of proxies (Forward, Reverse, Ac
tivesync, IMAP, SMTP, etc) have been
purpose-built to accomplish total protec-
tion. Reverse proxy mode is leveraged for
most applications. A key benefit of the
reverse proxy is that it protects traffic
from any device, anywhere, without
browser configuration, device profiles or
VPN. And traffic to personal cloud apps is
never handled or inspected.
In cloud security, Bitglass provides alerts
and visibilities into suspicious
behaviours, data and activity tracking,
file encryption before download/upload
and password protection to cloud appli-
cations. With companies offering Bring
Your Own Device (BYOD) policies, there is
an ever a risk of confidential data going
out of office. Bitglass helps corporate se-
cure data on any mobile device.
STARTUPS
IDEATE JANUARY 2015 17
Bitglass was founded by Mr. Nat Kaushik
(Founder and CEO) and other industry
veterans. Founded just last year with four
employees, Bitglass now has a staff of 40.
It raised $25 million in a Series B round of
funding in August, bringing its total fund-
ing to $35 million. It is currently head-
quartered in Campbell, California.
Bitglass’s current focus is to allot capital
for product development. Its growth has
been steady and businesses are taking
notice of what they have to offer. In No-
vember 2014, Bitglass was chosen by Al-
waysOn as one of the 2014 OnMobile 50
Companies to watch out for. They are a
start-up capable of changing the way
cloud technology functions.
Using proprietary threat intelligence and
big data technologies, Bitglass Data
Breach Discovery analyzes the firewall
logs to identify suspect traffic in out-
bound data flows. Traffic leaving the net-
work for suspect destinations is automati-
cally subject to deep inspection and as-
signed risk scores.
Bitglass Data Breach Discovery is available
as a monthly subscription service. No
software needs to be installed. Simply by
signing up for Bitglass and by uploading
the firewall log files, analytics and reports
on data breach risks in the organization
can be generated.
BITGLASS
STARTUPS
IDEATE JANUARY 2015 18
THE TECHNOLOGY CELL
School of Business Management, NMIMS
V. L. Mehta Road, Vile Parle (West), Mumbai – 400056
CREATIVES TEAM
Meghna Gupta
Jinal Mehta
Maitri Shah
Prabakaran Nagarajan
EDITORIAL TEAM
Vibhu Vatsala Sood
Debroop Banerjee
Ankit Anurag
Mohit Patil
Aradhya Tripathi
NEWSLETTER JANUARY 2015
Contact Us:
Email: [email protected]
www.facebook.com/SummIT.nmims
https://twitter.com/SummIT_Nmims