1 brett roberts director of innovation | microsoft nz | 28 aug 07 technology and privacy
TRANSCRIPT
1
Brett RobertsBrett RobertsDirector of Innovation | Microsoft NZ | 28 Aug 07
Technology and PrivacyTechnology and Privacy
Consumers are more fearful than ever of corporate privacy missteps, governmental intrusions and online fraud.
Privacy threats are putting pressure on the “trust level” of users,
Behavior and confidence in e-commerce and online services affected.
Nearly one-third of U.S. & German Internet users have reduced their overall Internet use because of concerns about identity theft
Nearly half of U.S. consumers have “little or no confidence” that organizations are taking sufficient steps to protect their personal data.
A 2006 survey of senior business and technology leaders in the U.S. and the UK found that nearly one-third don’t trust their own company’s ability to handle sensitive information.
Consumer Trust is Declining
1:4,600,0001:28,5001:not very many
Spam volume up 40% since Jun06, shifting from unsolicited to malicious
38M+ pieces of potentially unwanted software were detected by Windows Defender from Jul06-Dec06
Detections of remote control and monitoring software up 277% and 135% respectively from 1H06 to 2H06
67% of users don’t have current anti-virus protection but 80% think they do
Define “privacy”: PII ? IP address ? Click stream data ?
Chances are…
Today’s Data Privacy Challenges
Botnets and rootkits
Virusesand worms
Phishingand fraud
Pharming
Spam
Spyware
Regulatory compliance
Corporatepolicies
Information loss/leakage
Unauthorized access
Unmanaged PC’s
Zombies
Reduce unwanted communications
No intrusive advertising
Control of informationControl of information
Protected from harmProtected from harm
Minimal intrusionMinimal intrusion
Clear notice of information useProvide only what is neededChoice for additional uses
Protection from online fraud and identity theft
• SPAM filters, SPAM filters, SenderIDSenderID
• Pop-up blockerPop-up blocker• Ad services – Non PII Ad services – Non PII
basedbased
• User-friendly, User-friendly, discoverable privacy discoverable privacy noticesnotices
• Delete Browsing Delete Browsing HistoryHistory
• ““Inspect document”Inspect document”• IRMIRM
• Phishing filterPhishing filter• Windows DefenderWindows Defender• Extended validation Extended validation
certificatescertificates• Windows CardspaceWindows Cardspace
© 2007 Microsoft Corporation
Privacy technology for individualsPrivacy technology for individuals
Retention/Destruction
UsageStorageCollection
Destruction
Archive
In Applications
Shared with Third Parties
By Employees,
MarketersElectronicDevices
Backup
Structured Databases
Unstructured Data
Online
From 3rd Party
In Person
Technology
PolicyPeople Process
Framework for Data GovernanceFramework for Data Governance
© 2007 Microsoft Corporation
Privacy for organisationsPrivacy for organisations
Data Governance Technologies
Protecting against malware, unauthorized access and evolving threats
Managing identities, protecting personal information from unauthorized access
Identity and Access Control
Protecting sensitive data from prying eyesData Encryption
Secure Infrastructure
Monitoring systems and ensuring complianceAuditing and Reporting
Ensuring document security throughout its lifecycleDocument Protection
There are five elements of an effective technology-based framework to responsibly protect and manage personal information, mitigate risk, achieve compliance, and promote trust and accountability:
What’s at Stake
The implications for custodians of personal information are significant:
A damper on e-commerce and online services
Major financial losses
Damage to reputation
Increased regulations and less consistency
Loss of customer/citizen trust
Our research tells us that IT pros consider privacy to be as critical an issue as security
We are all in this together…what you do—or don’t do—affects everyone else in this room.
1 tonne < 1 gram