View
79
Download
2
Embed Size (px)
DESCRIPTION
TSSG can evaluate your data handling processes and identify weaknesses, make recommendations for improvement and assist in the development of policies
Citation preview
5/16/14 Footer Content Here 1
Protecting your Data and Business Paul Malone, Security & Trust Research
1
MEET THE TEAM Our driving innovative minds
Paul Malone
Unit Manger
Frances Cleary
Project Coordinator
Tom Curran
Business Development
Hisain Elshaafi
Research Felow
2
Trust
Difficult to gain
but…
Easy to lose
3
Your Assets Your customer data is your most valuable digital asset
Your customers’ trust is vital to your business
Your customers trust you with their personal data
4
You as the Data Subject…
How would you feel if …
… your credit card details were not protected properly by retailers … ?
5
Cost of a Data Breach? ReputaNon
Trust
Customers
Business
Under the Data ProtecNon Act Maximum fine of: €100,000
6
Loss Reduction
Loss Loss
Case Study Example
Client list taken from employer A to employer B
7
Are you a Data Controller?
Do you keep or process any informaNon about living people?
YES!
You are a Data Controller (Under the Data ProtecNon Act 1983)
8
As a Data Controller
You have ResponsibiliAes (Under the Data ProtecNon Act 1983)
9
8 Key ResponsibiliNes 1. Obtain and process the informaNon fairly
2. Keep it only for one or more specified and lawful purposes
3. Process it only in ways compaNble with the purposes for which it was given to you iniNally
10
8 Key ResponsibiliNes
4. Keep it safe and secure
5. Keep it accurate and up-‐to-‐date
6. Ensure that it is adequate, relevant and not excessive
11
8 Key ResponsibiliNes 7. Retain it no longer than is necessary for the specified purpose or purposes
8. Give a copy of his/her personal data to any individual, on request.
12
Further complicaNons
MigraNon to cloud services … ?
– Reduced costs – ImplicaNons for Data ProtecNon
EU General Data ProtecNon RegulaNon (GDPR)
– GlobalisaNon – Cloud CompuNng – AdopNon 2014 – TransiNon Period of 2 years (2016)
13
EU General Data ProtecNon RegulaNon
Single Set of Rules
The Right to be Forgoeen
Data Portability
Responsibility & Accountability
14
Are you compliant?
15
Are you obliged to register (annually) with the Data Protection Commissioner?
Do you have data handling policies in
place?
16
Can you improve?
17
We can help
We can…
• Evaluate your data handling processes • IdenNfy weaknesses • RecommendaNons for improvement • Assist in the development of policies
• Future proof – MigraNon to cloud services – Future legislaNve changes
19
How?
Under the Enterprise Ireland InnovaNon Voucher programme
We can help you apply and reduce administraNve barriers
20
Cost?
EI InnovaNon Voucher provides you with a voucher of €5,000
You can use this voucher to exploit our experNse to protect your business
21
How to engage? • Speak directly with us
• We will help with EI applicaNon
• We will visit your business and examine your data handling pracNces
• We will provide a report of our findings and recommendaNons
22
Summary
• Uncertainty about Compliance • ComplicaNons in future LegislaNon
• Data Handling Assessment
TSSG can help
23