PRIVACY STANDARDS The Internet of Things – Automatski Corp. http://www.automatski.com E: [email protected] , Founder & CEO M:+91-9986574181 E: [email protected] , Director - Sales M: +91-8884074204

Automatski - The Internet of Things - Privacy Standards



THE CONTEXT

Automatski is an IoT pioneer in many ways…

With its ground-up, first-principles-based IoT Scale Platform

With Infinions.io Autonomous Compute Platform ®

Autonomous Machine Consumption Certified ®

But analysts count more than 180 IoT platforms across the world

An IoT Platform is a tough sell, even if you are cutting edge

Hence we want to eliminate one more possibility of someone choosing others over us.

The IoT Industry is filled with Paranoia about Security & Privacy concerns

Hence we want to address Security and Privacy even within the foundations and early stages of our Architecture and Existence as a Business

That’s why we are doing this!


FRONT RUNNER

Automatski is a front runner in addressing IoT Security & Privacy concerns, using a combination of

Research

Standard Industry Practices

Software Engineering Principles

Operational Excellence


ISO/IEC 27018

Information technology - Security techniques - Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors

This standard provides guidance aimed at ensuring that cloud service providers (such as Amazon and Google) offer suitable information security controls to protect the privacy of their customers’ clients by securing PII (Personally Identifiable Information) entrusted to them. 


The Standard contains sets of controls that are intended to be implemented by cloud service providers to ensure security. The Standard sets out controls including (amongst others):

information security policies;

human resource security;

access control;

cryptography;

physical and environmental security;

operations security;

communications security;

supplier relationships;

information security incident management;

information security aspects of business continuity management; and

compliance.

*** Not Legally Binding!


PRIVACY ACT 1974

Establishes controls over what personal information is collected, maintained, used and disseminated by agencies in the executive branch of the Federal government.

The Privacy Act only applies to records that are located in a “system of records.” As defined in the Privacy Act, a system of records is “a group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual.”

The Privacy Act guarantees three primary rights:

The right to see records about oneself, subject to Privacy Act exemptions;

The right to request the amendment of records that are not accurate, relevant, timely or complete; and

The right of individuals to be protected against unwarranted invasion of their privacy resulting from the collection, maintenance, use, and disclosure of personal information.


EU DATA PROTECTION REGULATION - SINGLE DIGITAL UNION

In January of this year the European Commission revealed a draft of its European Data Protection Regulation to replace the previous Data Protection Directive.

The Data Protection Directive is a European Union Directive, which was created to regulate the progression of personal data within the European Union. Officially known as Directive 95/46/EC, the legislation is part of EU privacy and human rights law.

The aim of the new European Data Protection Regulation is to harmonise the current data protection laws in place across the EU member states. The fact that it is a “regulation” instead of a “directive” means it will be directly applicable to all EU member states without a need for national implementing legislation.


1. Get your privacy policies, procedures and documentation in order and keep them up to date: data protection authorities will be able to ask for these at any time.

2. Form a governance group that oversees all your privacy activities, led by a senior manager or executive. If you have over 250 employees, appoint a data protection officer. The group should develop metrics to measure the status of privacy efforts, report regularly and create statements of compliance that will be required as part of your organization's annual report. 


3. Implement a breach notification process and enhance your incident management processes and your detection and response capabilities. Any data breach must be notified to the relevant data protection authority, even if protective measures, such as encryption, are in place or the likelihood of harm is low.

4. Prepare your organisation to fulfil the "right to be forgotten", "right to erasure" and the "right to data portability". A strategy covering topics such as data classification, retention, collection, destruction, storage and search will be required – and it should cover all mechanisms by which data is collected, including the internet, call centres and paper.

5. Create and enforce privacy throughout your systems' lifecycles to meet the "privacy by design" requirement, whether you buy or develop. This will ensure privacy controls are stronger, simpler to implement, harder to by-pass and totally embedded in a system’s core functionality.


AUTOMATSKI PRIVACY COMPLIANCE ROADMAP

2015

• 3rd Product Release

• Privacy Act 1974 Compliance

2016

• 4th/5th Product Release

• ISO/IEC 27018

• EU Data Protection Regulation


THANK YOU!


WHO ARE WE?

10-20+ years of Software Engineering experience each

Global Agile & Technology Consulting, Advisory & Delivery experience of 10-15+ years, since Agile and Tech were in their infancy.

The first computers we worked on were Atari and ZX Spectrum ;-) And yes after Basic we went to C/C++ and then straight to Assembly Programming and then -> we began our journey as technologists

Globally Distributed Global & Fortune Company work Experience

Worked with companies like BCG, McKinsey, Fidelity, Tesco, Goldman Sachs…

Long 3-5+ year projects & Over 200+ people globally distributed teams

Led Double Digit Multi-Billion US$ Projects

Blended methodology used, comprising Scrum, XP, Lean and Kanban

From there we rode every wave J2EE, RUP, Six Sigma, CMMI, SIP, Mobile, Cloud, Big Data, Data Science etc…

Individually worked with over 300+ Technologies at a time, literally nothing that scares us

Authors, Speakers, Coaches, Mentors, Scientists, Engineers, Technologists, Marketing, Sales, HR, Finance…

We are Generalists and we Always start with First Principles.


FURTHER INFORMATION

Please refer to http://automatski.com for more information

Please go through the 2 minute demo, 5 minute demo…

And the showcase section of the website for more information…

Or email us on [email protected]

Or just give us a shout on Linkedin, Facebook, Twitter, Email etc.