Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Securing your Data, Reporting Recommended Practices
1. Securing
Your Data
Lessons Learned from Ashley Madison
John Q Martin
Sales Engineer
Twitter: @SQLServerMonkey
Email: jmartin@sqlsentry.com
Blog: http://blogs.sqlsentry.com/author/JohnMartin/
3. Introduce Yourself
• John Q Martin
Working with data in many forms
for more than a decade as a
consultant and numerous
operational IT roles and industries.
7. WhatisaDataBreach?
“a breach of security leading to the accidental or
unlawful destruction, loss, alteration,
unauthorised disclosure of, or access to, personal
data transmitted, stored or otherwise processed
in connection with the provision of a public
electronic communications service”
Personal data breach definition – UK Information Commissioner's office.
9. Workingwithdata
Where does it reside
•Are there limitations on where it can be sent
•How do you transport it
Protective Markings
•Tag your visualizations & data
10. Compliance
Understand if you need to comply
•Industry Standards
•Legislation Based
Understand how data is classified
•What can be stored, retained, and displayed
•What were the capture T&C’s
11. Compliance|UKDPA
Eight Key Data Protection Principles
• Used fairly and lawfully.
• Used for limited, specifically stated
purposes.
• Used in a way that is adequate,
relevant and not excessive
• Not transferred outside the
European Economic Area without
adequate protection
• Accurate
• Kept for no longer than is
absolutely necessary.
• Handled according to people’s data
protection rights
• Kept safe and Secure
12. Compliance|UKDPA
Eight Key Data Protection Principles
• Used fairly and lawfully.
• Used for limited, specifically stated
purposes.
• Used in a way that is adequate,
relevant and not excessive
• Not transferred outside the
European Economic Area without
adequate protection
• Accurate
• Kept for no longer than is
absolutely necessary.
• Handled according to people’s data
protection rights
• Kept safe and Secure
13. Compliance|UKDPA
“any set of information relating to individuals to
the extent that, although the information is not
processed by means of equipment operating
automatically in response to instructions given
for that purpose, the set is structured, either by
reference to individuals or by reference to criteria
relating to individuals, in such a way that specific
information relating to a particular individual is
readily accessible.”
What type of information is protected by the Data Protection Act? – UK Information Commissioner's office.
14. Controlling,Processing,Sharing
Do you have a duty of care
•What are you working on
•Simple precautions
Who else can see the data
•Shoulder Surfing
•Granted access via sharing
Important to remember that when you share a PowerBI Dashboard that those you share it with will have the same rights as you when viewing the Dashboard. Be careful what you share with others as they might not have access for a reason.