Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

DevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for Dummies

356 visualizaciones

Publicado el

Since organisations are already struggling with getting compliant to the security standards like ISO 27001/2, it’s even harder to get the right measures in place for the GDPR.

Topics: the relation between privacy and security, Privacy by Design, translate GDPR into useful privacy requirements.

Organisations are preparing for the General Data Protection Regulation (GDPR), the latest European privacy law. Since organisations are already struggling with getting compliant to the security standards like ISO 27001/2, NEN 7510 or Dutch baseline as BIR / BIG/ BIWA, it’s even harder to get the right measures in place for the GDPR.

In this presentation, we start with the relations between privacy and security. And why it is even more relevant to Shift left in the development lifecycle (Privacy by Design). Then we will discuss some articles from the GDPR and will translate them into useful privacy requirements. This will demonstrate why you must have privacy and security requirements in place even before you start building or changing a system.

Next, to the requirement, we will end with the articles which are beneficial for organisations.

Take away: some generic user and abuser stories which are relevant for most applications.

Publicado en: Internet
  • Inicia sesión para ver los comentarios

DevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for Dummies

  1. 1. • • • • • • • • • • •
  2. 2. • • • • • • • • • • • • • • • • • • •
  3. 3. ● ● ● ● ● ● ● ● ● ● • • • • • • • • • • • • • •
  4. 4. • •
  5. 5. • • • • • • • • • •
  6. 6. REQUIREMENTS AND USE CASES ARCHITECTURE AND DESIGN TEST PLANS CODE TEST AND TEST RESULTS FEEDBACK FROM THE FIELD ABUSE CASES RISK ANALYSIS RISK-BASED PRIVACY & SECURITY TEST CODE REVIEW (TOOLS) RISK ANALYSIS PRIVACY & SECURITY OPERATIONS PENETRATION TESTING & TECHNICAL PRIVACY TEST </> ✓ ✓ ✓ Software Privacy & Security Touchpoints PRIVACY & SECURITY REQUIREMENTS
  7. 7. • • •
  8. 8. • • • • •
  9. 9. • • • • • • • • • •
  10. 10. • • •
  11. 11. • • • • • • • • • • • •
  12. 12. • • •
  13. 13. • •
  14. 14. • • • • • • • • • • • • • • •
  15. 15. • • • • • • • •
  16. 16. • • • • • • • • • • • • •
  17. 17. • • • • • • • • • • • •
  18. 18. • • • • • • • • • • •

×