• Save
eJharkhand 2014 - e-Governance Implementations – Opportunities and Challenges - Anubhav Tyagi, Sr Solution Specialist, Safenet
Upcoming SlideShare
Loading in...5
×
 

eJharkhand 2014 - e-Governance Implementations – Opportunities and Challenges - Anubhav Tyagi, Sr Solution Specialist, Safenet

on

  • 253 views

eJharkhand 2014 - e-Governance Implementations – Opportunities and Challenges - Anubhav Tyagi, Sr Solution Specialist, Safenet

eJharkhand 2014 - e-Governance Implementations – Opportunities and Challenges - Anubhav Tyagi, Sr Solution Specialist, Safenet

Statistics

Views

Total Views
253
Views on SlideShare
228
Embed Views
25

Actions

Likes
0
Downloads
0
Comments
0

1 Embed 25

http://jharkhand.eletsonline.com 25

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Governance & Visibility – every access eventProbably the most common use of encryption: Location agnostic: Encryption is attached to data so it does not matter where it is to be able to record the access eventNon-repudiation & attestation – associate an access event to a specific individual/entityControl of dataEncryption is the best method to set effective access policy Separation of duties – the privileged users problemGet a complete audit trail that is part of the control aspectsData shredding  when there's no need of it any longerSecurity: isolation/confidentiality, integrity, authenticity  makes sure that unauthorized users will not be able to access data…Even with data sprawl - so it's location independent and stage in the cycle. Even in uncontrolled env 

eJharkhand 2014 - e-Governance Implementations – Opportunities and Challenges - Anubhav Tyagi, Sr Solution Specialist, Safenet eJharkhand 2014 - e-Governance Implementations – Opportunities and Challenges - Anubhav Tyagi, Sr Solution Specialist, Safenet Presentation Transcript

  • eGovernance – Benefits & Challenges Anubhav Tyagi Sr. Solutions Architect(India & SAARC) Anubhav.Tyagi@safenet-inc.com 1
  • Governance to eGovernance – The Benefits > Analytics From missing information to delays in getting the information TO real time analytics > Efficiency From manual work processes with lost bandwidth in finding the files as well as status of a particular work item TO a central system that allows for tracking of work status of a particular item without having to ask anyone > Visibility From scattered information on physical files TO a consolidated dashboard that can be accessed from anywhere
  • ……..TO CLOUD View slide
  • The Challenges Data Governance • Do I know where all my data instances are? • Can I trace every legitimate replication/copy/instantiation event of my data? • Can I trace unauthorized copying of my data? Data Compliance • Who is accessing my data? • Can I enforce an effective access control policy? • Can I present a trusted audit trail of all access events to my data? Data Protection • Are all my data instances secure? • Can I assure only authorized access to my data? • Can I “pull the plug” on data that’s at risk of exposure? © SafeNet Confidential and Proprietary 4 View slide
  • IT Act of India Section 43A Where a body corporate, possessing, dealing or handling any sensitive personal data or information in a computer resource it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person, such body corporate shall be liable to pay damages by way of compensation to the person to affected So What? Financial Penalties to the Organization Loss of Reputation
  • IT Rules 2011 IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 Published on April 11, 2011 Adds certain specific elements to be mandatorily protected and not left to discretion of the body corporate Makes it mandatory for the body corporate to undertake yearly audit at the minimum These include i. password; ii. financial information such as Bank account or credit card or debit card or other payment instrument details ; iii. physical, physiological and mental health condition; iv. sexual orientation; v. medical records and history; vi. Biometric information; vii. any detail relating to the above clauses as provided to body corporate for providing service; and viii. any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise: 6
  • Sensitive Data & Information – Few Examples CCTNS Treasury •Criminal Details •Lost or unauthorized property details •Passport Verification details •Ongoing cases details •Pictures, Biometric prints etc •Citizen information •Arms possession details •Financial Data in terms of •Debt Management •Loan Management •Treasury Data •Pension Details •Budgeting Details •Accounting Details •State Revenue Details •Revenue Disbursement Details IGRS •Property Details •Scanned Copy of Registry •Buyer Details •Seller Details •Fingerprints •Picture •Signatures 7
  • Protection needs to be centered on data itself Data-centric Protection Security Strategy Objectives Data Confidentiality Integrity Non Repudiation Authenticity 8
  • Encryption enables Governance / Compliance     Ownership and Control    Data Security   Know about every access event Location agnostic Non repudiation and attestation Set effective access policies Separation of duties Data shredding Prevent leaks or unauthorized access Data isolation Sprawl resistant 9
  • Secure Virtual Storage Secure Cloud Applications Secure Cloud-Based Identities and Transactions Secure Virtual Machines Secure Cloud-Based Communications Secure Access to SaaS On-premise