Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Symphonic on Ensuring Compliance (LDSC Cyber Themed Evening)

32 views

Published on

Cyber Themes 2018: https://londondsc.co.uk/cyberthemes2018/

Use "#EnsuringCompliance" on Twitter to join in the conversation

---
Symphonic technology is the culmination of over 5 years research and development. Its aim is to revolutionise the way organisations govern the sharing of information, allowing those that operate in highly-regulated environments such as health, social care, law and finance to securely share critical, time- dependent and sensitive information.

---
We are a not for profit organisation, founded as a joint venture by the Mayor of London, the Metropolitan Police Service (MPS) and the City of London Police (CoLP). We work in partnership with private industry and academia to help businesses, primarily SME business (less than 249 employees), to embrace digital innovations and operate in a secure online environment protecting themselves against cyber criminals.

What is our purpose?
- To provide simple, measurable and effective digital security solutions to businesses.
- To enable businesses to operate in a secure digital environment.
- To target victims of cyber crime and provide support to prevent repeat victimisation.
- To evidence a positive shift in the digital security of businesses.

---
Find out more information via:

Website ▶ https://londondsc.co.uk/
Twitter ▶ https://twitter.com/LondonDSC
LinkedIn ▶ https://www.linkedin.com/company/london-digital-security-centre/
Instagram ▶ https://www.instagram.com/londondigititalsecuritycentre

  • Be the first to comment

  • Be the first to like this

Symphonic on Ensuring Compliance (LDSC Cyber Themed Evening)

  1. 1. Copyright © Symphonic Software Limited 2018 ENSURING COMPLIANCE DERICK JAMES CEO, SYMPHONIC 15th May, 2018
  2. 2. Copyright © Symphonic Software Limited 2018 Ensuring Cyber Compliance
  3. 3. Copyright © Symphonic Software Limited 2018 Ensuring Cyber Compliance
  4. 4. Copyright © Symphonic Software Limited 2018 Compliance Challenges  NHS  Wide access to data required to deliver the service  Caldicott – privacy concerns around Personal Confidential data  Patient Consent underpins access.  Retail Banking  Access to Bank data (their customers data) by 3rd parties – Open Banking/PSD2  Identification of 3rd parties  Account holder Consent central to secure operation  Consumer Brands  Marketing and Service operations over customer base  Personal data held by brand-owner  Customer consent to access for legitimate purpose under GDPR
  5. 5. Copyright © Symphonic Software Limited 2018 Data and Access to it has become more complex • Users “located” in organisation • Data located in organisation • Managing Access straightforward
  6. 6. Copyright © Symphonic Software Limited 2018 Data and Access to it has become more complex • Added “external” users • Access “external data” • Access less straightforward
  7. 7. Copyright © Symphonic Software Limited 2018 Data and Access to it has become more complex
  8. 8. Copyright © Symphonic Software Limited 2018 Compliance Challenge - Health
  9. 9. Copyright © Symphonic Software Limited 2018 Compliance Challenge - Banking Bank Platforms Fintech Platforms And 3rd Party Apps API Channel Core Banking Services Publishing, Managing, Securing, Monetising Customer Experience Customer
  10. 10. Copyright © Symphonic Software Limited 2018 Compliance General (GDPR)
  11. 11. Copyright © Symphonic Software Limited 2018 Compliance Challenge – General (GDPR)
  12. 12. Copyright © Symphonic Software Limited 2018 Know your Data Multiple Systems Sensitivity Multiple Technologies Codify Access Rules Access Rules Data Filtering Auditt Know your Users Which Identities Strong Authentication Which Domains Key Challenges A single approach to managing use of and access to data/services
  13. 13. Copyright © Symphonic Software Limited 2018 RBAC  ABAC  Understanding a users role is no longer enough  Need to understand context  Geo  Time  Device  Etc  Need to be able to control at a fine-grained level
  14. 14. Copyright © Symphonic Software Limited 2018 Unified Approach to Authorising Access  XACML  "eXtensible Access Control Markup Language”  Developed by OASIS  Internationally adopted standard for complex authorisation ecosystems  Allows:  Policies to be defined centrally and used in distributed applications  Separation of Business and IT roles in access management  Consistency, visibility and agility  ….Compliance
  15. 15. Copyright © Symphonic Software Limited 2018 Symphonic Multiple Identities Multiple Applications Multiple Organisations Single Set of Rules API integration Understands Context Compliant Access to Data Compliant Access to Services Audit trail across ecosystem
  16. 16. Copyright © Symphonic Software Limited 2018 Symphonic If you need help on this journey: Derick James CEO, Symphonic Software derick.james@symphonicsoft.com

×