what is data privacy?
TRANSCRIPT
What is Data Privacy?
Quick Heal Technologies Private Limited
Topics of Discussion:
• What is Data Privacy?
• Types Of Information Under Privacy Concerns
• Common Sources Of Data Information
• The Most Brutal Data Breaches Of 2014
• Indian Scenario
• The Information Technology Amendment Act, 2008
• The Do's and Don’ts To Protect Your Data Privacy
• How can Quick Heal help?
What is Data Privacy?
• The relationship between collection and dissemination of data technology, the public expectation of privacy.
• Privacy concerns exist wherever personally identifiable information or other sensitive information is collected and stored – in digital form or otherwise.
http://en.wikipedia.org/wiki/Information_security
POLL 1
http://en.wikipedia.org/wiki/Information_security
Information Under Privacy Concerns
• Internet Data - e-mail id's, passwords, browsing history
• Medical Records - Insurance Policies, Psychological Conditions, Medical History
• Financial Data - Transactions, Credit Card Numbers, Stocks Held, Total Assets, Debts, etc.
• Locational Data - salesforce movements, travel locations, banks visited
• Cable Television, Educational & Political Data
Common Sources Of Data Information
• Healthcare & Hospital Records
• Financial Institutions & Transactions
• Residence & Geographic Records
• Location Based Services
• Mobile & Desktop Applications, Browsers
• Television Viewing Records
http://en.wikipedia.org/wiki/Information_security
POLL 2
The Most Brutal Data Breaches Of 2014
Quick Heal Technologies Private Limited
http://www.livemint.com/Consumer/hzIpAmEXr2aDFymILJFB6J/The-most-brutal-cyber-attacks-and-data-breaches-of-2014.html
Sony Pictures - November 2014
• Over 1000 GB of data stolen
• DVD Screeners of movies yet to be released - leaked
• Contact details of Hollywood stars - compromised
• Other sensitive information such as employee salaries, internal communications were also
amongst the data stolen
• This attack could cost Sony studio an amount of around $100 million
http://www.livemint.com/Consumer/hzIpAmEXr2aDFymILJFB6J/The-most-brutal-cyber-attacks-and-data-breaches-of-2014.html
JP Morgan Chase - July 2014
• The biggest bank in the US, JP Morgan Chase’s systems were breached by hackers in July.
• JPMorgan apparently neglected to upgrade one of its network servers with the dual password
scheme
• Hackers stole the login credentials for a JPMorgan employee
• Financial information of over 76 million households and 7 million small businesses
compromised.
• Information included physical addresses and email addresses.
http://www.livemint.com/Consumer/hzIpAmEXr2aDFymILJFB6J/The-most-brutal-cyber-attacks-and-data-breaches-of-2014.html
eBay - May 2014
• One of the biggest data breaches of all time
• Information including e-mail addresses and encrypted passwords, affecting 145 million users
stolen
• Stolen information included physical addresses and email addresses
• Only non-financial data was compromised
• eBay urged customers to set new passwords after the breach was revealed.
http://www.livemint.com/Consumer/hzIpAmEXr2aDFymILJFB6J/The-most-brutal-cyber-attacks-and-data-breaches-of-2014.html
Other Major Data Breaches in 2014
• Snapchat - 98,000 files (13gb of photos and videos) stolen and posted on file sharing channels.
• Home Depot - 53 million email addresses and 56 million credit card accounts were
compromised from the retailers data
• iCloud - Over 500 images of Hollywood celebrities were stolen from Apple's data sync service
and later made their way on popular social networks
• NVIDIA Corporation: NVIDIA Corporation suffered a data breach when hackers infiltrated their
network and stole employee usernames and passwords.
https://www.privacyrights.org/data-breach/new
Other Major Data Breaches in 2014
• Emcor Services Mesa Energy Systems - Emcor Services Mesa Energy Systems notified individuals of a data breach when a company laptop was stolen that contained customers personal information that included names, Social Security numbers, date of birth, date of hire, addresses, salaries, gender and ethnicity.
• Morgan Stanley : An employee stole customer information on 350,000 clients including account numbers.
• Lokai informed customers of a data breach to their system from July 18, 2014 to October 28, 2014 by hackers who gained access to their server that hosts their website.
POLL 3
India Scenario
• India is a key threat frontier, ranking as the third highest source of overall malicious activity.
• 69 percent of targeted attacks in India focus on large enterprises
• Nearly four in 10 attacks in India were carried out on non-traditional services industries like hospitality, business and personal services
• India is the spam capital of the world with 9.8 percent of spam zombie
• 96,383 security incidents including phishing, scanning, spam, malicious code, website intrusions etc. were reported to the Indian Computer Emergency Response Team (CERT-In) in the year 2014 (Till September)
http://www.informationweek.in/informationweek/news-analysis/295599/69-percent-targeted-attacks-india-focus-enterprises-symantec
The Information Technology Amendment Act, 2008
• The Information Technology Amendment Act, 2008 addresses the intricacies of data protection in the
country
• Where a body corporate, possessing, dealing or handling any sensitive personal data or information in a
computer resource which it owns, shall be liable to compensate the person so affected via privacy
breaches.
• The data protection provisions do not extend beyond the territories of India.
• The data outsourced to India is under the protection provisions under the act.
http://www.gala-marketlaw.com/77-gala-gazette/gala-gazette/261-india-data-protection-and-the-it-act-india
http://www.ponemon.org/local/upload/file/2011_IN_CODB_FINAL_5.pdf
Cost of Data Breach
POLL 4
The Do's and Don’ts To Protect Your Data Privacy
The Do's and Don’ts In-depth
• Be thoughtful about what you post online about yourself or your friends
• Share your full name, date of birth, phone number, address, etc., only if necessary
• Passwords must have a mix of uppercase and lowercase letters, numbers, & special
characters.
• Always ignore any unknown or unexpected communication (email, call, SMS, etc.) that
requires you to act immediately and asks for your personal information
• Always use 2-step verification for your online accounts
The Do's and Don’ts In-depth
• Banking or shopping online using free, public WiFi networks can allow hackers to steal your
personal and financial information
• Before installing any mobile app, review its permissions carefully.
• Always password protect your mobile device, tablet, and laptop
• Protect your important data by taking regular backups.
• Always log out/sign out of websites once you are done
How can Quick Heal help?
How can Quick Heal help?
Thank [email protected]
Follow us on:
Facebook - www.facebook.com/quickhealav
Twitter - www.twitter.com/quickheal
YouTube - www.youtube.com/quickheal
SlideShare - http://www.slideshare.net/QuickHealPPTs
Website - www.quickheal.com
Official Blog - www.blogs.quickheal.com
2015/2/11
References
• http://en.wikipedia.org/wiki/Information_privacy
• http://www.ibtimes.co.in/sony-pictures-hack-may-cost-studio-around-100-million-more-data-leaked-616704
• http://www.f4feeds.co.in/2014-the-most-worst-cyber-attacks-and-data-breaches/
• http://www.ponemon.org/local/upload/file/2011_IN_CODB_FINAL_5.pdf
• http://www.ndtv.com/india-news/indian-cyber-security-violations-similar-to-global-trends-says-ravi-shankar-prasad-
705525
• http://www.gala-marketlaw.com/77-gala-gazette/gala-gazette/261-india-data-protection-and-the-it-act-india
• http://www.informationweek.in/informationweek/news-analysis/295599/69-percent-targeted-attacks-india-focus-
enterprises-symantec-report