Protection of clients information in the age of IT ECBA Spring Conference Prague 2017 Jan Balatka, Analytic & Forensic Technology

Transcription

1 Protection of clients information in the age of IT ECBA Spring Conference Prague 2017 Jan Balatka, Analytic & Forensic Technology

2 Agenda 1 Information lifecycle 2 How to protect information 3 Is it enough? For information, contact Deloitte Czech Republic. Protection of clients information in the age of IT 2

3 Information lifecycle For information, contact Deloitte Czech Republic. Protection of clients information in the age of IT 3

4 Information lifecycle simplified Creation Termination Storage Archiving Distribution Usage For information, contact Deloitte Czech Republic. Protection of clients information in the age of IT 4

5 But World is not so simple For information, contact Deloitte Czech Republic. Protection of clients information in the age of IT 5

6 Neither is life of information Creation Storage Distribution Usage For information, contact Deloitte Czech Republic. Protection of clients information in the age of IT 6

7 Neither is life of information cont d Usage Archiving Termination For information, contact Deloitte Czech Republic. Protection of clients information in the age of IT 7

8 Protection of information in different stages For information, contact Deloitte Czech Republic. Protection of clients information in the age of IT 8

9 Protection of information in different stages Creation Termination Storage Archiving Distribution Usage For information, contact Deloitte Czech Republic. Protection of clients information in the age of IT 9

10 Information Creation / Usage Obfuscation & Steganography So we have to You know Put the cat into the oven Ivánek, my dear friend, the carps have arrived. I should not drink too much of this. But I am really looking forward to drink it. Time for some traffic problems For information, contact Deloitte Czech Republic. Protection of clients information in the age of IT 10

11 Information Storage Disk Decryption: Typing PIN Token Authentication: Typing PIN Inserting Token Key Selection: Typing Passphrase PassWallet Opening Data Opening: Choosing Data Data Opening For information, contact Deloitte Czech Republic. Protection of clients information in the age of IT 11

12 Information Distribution User Authentication: Typing Password Creation: Typing Message Encryption: Typing Password Sending For information, contact Deloitte Czech Republic. Protection of clients information in the age of IT 12

13 Information Archiving Hash Calculation: Opening Document Hash Creation Hash Uploading: Sending Hash Sending to TSA Time Stamping (TSA): Sending TS Archiving: TS Attaching Encryption & Storage For information, contact Deloitte Czech Republic. Protection of clients information in the age of IT 13

14 Information Termination Preparation: SW Installation Disk Connection Wipe: Wipe Process For information, contact Deloitte Czech Republic. Protection of clients information in the age of IT 14

15 Protection of information in different stages Creation / Usage Storage Distribution Archiving Termination Is it needed? Authentication Authorization Validity Delete is NOT wipe Encryption Channel selection Usability Go physical, really For information, contact Deloitte Czech Republic. Protection of clients information in the age of IT 15

16 Is it enough? For information, contact Deloitte Czech Republic. Protection of clients information in the age of IT 16

17 Protection of information is it enough? For information, contact Deloitte Czech Republic. Protection of clients information in the age of IT 17

18 Mobile Applications Deloitte CZ Newsletters l Studies l Seminars l News l Videos Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ( DTTL ), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. Please see to learn more about our global network of member firms. Deloitte provides audit, consulting, legal, financial advisory, risk advisory, tax and related services to public and private clients spanning multiple industries. Deloitte serves four out of five Fortune Global 500 companies through a globally connected network of member firms in more than 150 countries and territories bringing world-class capabilities, insights, and high-quality service to address clients' most complex business challenges. To learn more about how Deloitte's approximately 244,000 professionals make an impact that matters, please connect with us on Facebook, LinkedIn, or Twitter. Deloitte Central Europe is a regional organization of entities organized under the umbrella of Deloitte Central Europe Holdings Limited, the member firm in Central Europe of Deloitte Touche Tohmatsu Limited. Services are provided by the subsidiaries and affiliates of Deloitte Central Europe Holdings Limited, which are separate and independent legal entities. The subsidiaries and affiliates of Deloitte Central Europe Holdings Limited are among the region s leading professional services firms, providing services through nearly 6,000 people in 41 offices in 18 countries For information, contact Deloitte Czech Republic.