What is Data Privacy?

Quick Heal Technologies Private Limited

Topics of Discussion:

• What is Data Privacy?

• Types Of Information Under Privacy Concerns

• Common Sources Of Data Information

• The Most Brutal Data Breaches Of 2014

• Indian Scenario

• The Information Technology Amendment Act, 2008

• The Do's and Don’ts To Protect Your Data Privacy

• How can Quick Heal help?

What is Data Privacy?

• The relationship between collection and dissemination of data technology, the public expectation of privacy.

• Privacy concerns exist wherever personally identifiable information or other sensitive information is collected and stored – in digital form or otherwise.

http://en.wikipedia.org/wiki/Information_security

POLL 1

http://en.wikipedia.org/wiki/Information_security

Information Under Privacy Concerns

• Internet Data - e-mail id's, passwords, browsing history

• Medical Records - Insurance Policies, Psychological Conditions, Medical History

• Financial Data - Transactions, Credit Card Numbers, Stocks Held, Total Assets, Debts, etc.

• Locational Data - salesforce movements, travel locations, banks visited

• Cable Television, Educational & Political Data

Common Sources Of Data Information

• Healthcare & Hospital Records

• Financial Institutions & Transactions

• Residence & Geographic Records

• Location Based Services

• Mobile & Desktop Applications, Browsers

• Television Viewing Records

http://en.wikipedia.org/wiki/Information_security

POLL 2

The Most Brutal Data Breaches Of 2014

Quick Heal Technologies Private Limited

http://www.livemint.com/Consumer/hzIpAmEXr2aDFymILJFB6J/The-most-brutal-cyber-attacks-and-data-breaches-of-2014.html

Sony Pictures - November 2014

• Over 1000 GB of data stolen

• DVD Screeners of movies yet to be released - leaked

• Contact details of Hollywood stars - compromised

• Other sensitive information such as employee salaries, internal communications were also

amongst the data stolen

• This attack could cost Sony studio an amount of around $100 million

http://www.livemint.com/Consumer/hzIpAmEXr2aDFymILJFB6J/The-most-brutal-cyber-attacks-and-data-breaches-of-2014.html

JP Morgan Chase - July 2014

• The biggest bank in the US, JP Morgan Chase’s systems were breached by hackers in July.

• JPMorgan apparently neglected to upgrade one of its network servers with the dual password

scheme

• Hackers stole the login credentials for a JPMorgan employee

• Financial information of over 76 million households and 7 million small businesses

compromised.

• Information included physical addresses and email addresses.

http://www.livemint.com/Consumer/hzIpAmEXr2aDFymILJFB6J/The-most-brutal-cyber-attacks-and-data-breaches-of-2014.html

eBay - May 2014

• One of the biggest data breaches of all time

• Information including e-mail addresses and encrypted passwords, affecting 145 million users

stolen

• Stolen information included physical addresses and email addresses

• Only non-financial data was compromised

• eBay urged customers to set new passwords after the breach was revealed.

http://www.livemint.com/Consumer/hzIpAmEXr2aDFymILJFB6J/The-most-brutal-cyber-attacks-and-data-breaches-of-2014.html

Other Major Data Breaches in 2014

• Snapchat - 98,000 files (13gb of photos and videos) stolen and posted on file sharing channels.

• Home Depot - 53 million email addresses and 56 million credit card accounts were

compromised from the retailers data

• iCloud - Over 500 images of Hollywood celebrities were stolen from Apple's data sync service

and later made their way on popular social networks

• NVIDIA Corporation: NVIDIA Corporation suffered a data breach when hackers infiltrated their

network and stole employee usernames and passwords.

https://www.privacyrights.org/data-breach/new

Other Major Data Breaches in 2014

• Emcor Services Mesa Energy Systems - Emcor Services Mesa Energy Systems notified individuals of a data breach when a company laptop was stolen that contained customers personal information that included names, Social Security numbers, date of birth, date of hire, addresses, salaries, gender and ethnicity.

• Morgan Stanley : An employee stole customer information on 350,000 clients including account numbers.

• Lokai informed customers of a data breach to their system from July 18, 2014 to October 28, 2014 by hackers who gained access to their server that hosts their website.

POLL 3

India Scenario

• India is a key threat frontier, ranking as the third highest source of overall malicious activity.

• 69 percent of targeted attacks in India focus on large enterprises

• Nearly four in 10 attacks in India were carried out on non-traditional services industries like hospitality, business and personal services

• India is the spam capital of the world with 9.8 percent of spam zombie

• 96,383 security incidents including phishing, scanning, spam, malicious code, website intrusions etc. were reported to the Indian Computer Emergency Response Team (CERT-In) in the year 2014 (Till September)

http://www.informationweek.in/informationweek/news-analysis/295599/69-percent-targeted-attacks-india-focus-enterprises-symantec

The Information Technology Amendment Act, 2008

• The Information Technology Amendment Act, 2008 addresses the intricacies of data protection in the

country

• Where a body corporate, possessing, dealing or handling any sensitive personal data or information in a

computer resource which it owns, shall be liable to compensate the person so affected via privacy

breaches.

• The data protection provisions do not extend beyond the territories of India.

• The data outsourced to India is under the protection provisions under the act.

http://www.gala-marketlaw.com/77-gala-gazette/gala-gazette/261-india-data-protection-and-the-it-act-india

http://www.ponemon.org/local/upload/file/2011_IN_CODB_FINAL_5.pdf

Cost of Data Breach

POLL 4

The Do's and Don’ts To Protect Your Data Privacy

The Do's and Don’ts In-depth

• Be thoughtful about what you post online about yourself or your friends

• Share your full name, date of birth, phone number, address, etc., only if necessary

• Passwords must have a mix of uppercase and lowercase letters, numbers, & special

characters.

• Always ignore any unknown or unexpected communication (email, call, SMS, etc.) that

requires you to act immediately and asks for your personal information

• Always use 2-step verification for your online accounts

The Do's and Don’ts In-depth

• Banking or shopping online using free, public WiFi networks can allow hackers to steal your

personal and financial information

• Before installing any mobile app, review its permissions carefully.

• Always password protect your mobile device, tablet, and laptop

• Protect your important data by taking regular backups.

• Always log out/sign out of websites once you are done

How can Quick Heal help?

How can Quick Heal help?

Thank YouCorporateCommunications@quickheal.co.in

Follow us on:

Facebook - www.facebook.com/quickhealav

Twitter - www.twitter.com/quickheal

YouTube - www.youtube.com/quickheal

SlideShare - http://www.slideshare.net/QuickHealPPTs

Website - www.quickheal.com

Official Blog - www.blogs.quickheal.com

2015/2/11

References

• http://en.wikipedia.org/wiki/Information_privacy

• http://www.ibtimes.co.in/sony-pictures-hack-may-cost-studio-around-100-million-more-data-leaked-616704

• http://www.f4feeds.co.in/2014-the-most-worst-cyber-attacks-and-data-breaches/

• http://www.ponemon.org/local/upload/file/2011_IN_CODB_FINAL_5.pdf

• http://www.ndtv.com/india-news/indian-cyber-security-violations-similar-to-global-trends-says-ravi-shankar-prasad-

705525

• http://www.gala-marketlaw.com/77-gala-gazette/gala-gazette/261-india-data-protection-and-the-it-act-india

• http://www.informationweek.in/informationweek/news-analysis/295599/69-percent-targeted-attacks-india-focus-

enterprises-symantec-report