The Data Opportunity: Using data for economic and social benefit, reaping the benefits while addressing the challenges
Joseph Alhadeff, Vice President Global Public Policy, Chief Privacy Strategist
Victoria Privacy and Security Conference 2016
Are You Capitalizing on the Data Opportunity?
(Don't just assemble information, take advantage of it)
Data-Driven Innovation
"People think we got big by putting stores in small towns. Really we got big by replacing inventory with Information." Sam Walton
http://www.slideshare.net/monicamishra10/walmart-value-chainanalysis
Creating Unique Data-Driven Value In A Unique Way
- Datafy More Activities
- Create Proprietary Data Assets
- Use Data To Make Data
- Achieve Network Effects
Data Liquidity
[Diagram labels: DATA CAPITAL; CHANGE THE BUSINESS; RUN THE BUSINESS]
Enterprise Big Data Architecture
- BIG DATA ANALYTICS: Discover And Predict, Fast
- BIG DATA APPLICATIONS: Accelerate Data-Driven Action
- BIG DATA MANAGEMENT: Simplify Access To All Data
- BIG DATA INTEGRATION: Connect And Govern Any Data
- DATA CAPITAL
Copyright 2015, Oracle and/or its affiliates. All rights reserved.
What is the value of data in context and application
Do you base your trust just on the sign?
On Premises Cloud Public Cloud Hybrid Cloud
- Software: Algorithms, Analytics, Applications
- Platform: Data Lake, Data Warehouse, Data Factory, Data Lab
- Infrastructure: Hyper-Converged Compute, Storage, Network
How to use data to drive organizational change
Understand the objective, its benefits and risks
Your operational challenges
- Deliver new and better services
- Cut service costs and optimise budgets
- Improve staff development and morale
- Comply with E-Government policy
Addressing those challenges
- Flexible processes to deliver new services quickly
- Streamline processes to reduce service cost
- Empower staff to improve efficiency and morale
- Improve operational insight to drive good governance
Challenges
Fragmented Solutions; Poor Digital Experience; TCO = Value
- Onerous security implementation
- Lack of integrated and closed loop processes
- Lack of accountability
- Loss of business opportunity
- Poor UX across channels
- Static security model
- Integration and support
- Time to value
- Future scale in question
Solutions and Connecting the Customer Experience
[Diagram: One integrated platform. Panel labels: Commerce, Sales, Marketing, Service, CPQ (Configure Price Quote), Modern HR (Engage candidates for future needs to best serve customers)]
Providing the Platform of Change
[Diagram labels: DATA MANAGEMENT, MOBILE, ANALYTICS, COLLABORATION, SECURITY, INTEGRATION, CUSTOM APP]
Example of Integrated Process
- Pilot/airline approves
- Repairs scheduled when plane lands on tarmac
- Airplane detects A/C malfunction: Determines 45-minute delay to fix
- Passengers notified to arrive 45 minutes later
- Airline alerts all technicians to check A/C units for similar planes
Data drives Smart Cities
Solution for Cities That Want to Become Smart
- ENGINE: Integrated multi-channel services (self-service web/chat, email, local single number) delivery platform for 90%+ resolution of most government service requests
- COCKPIT: Analytics for continuous improvement of service delivery, which services to prioritize, extend, consolidate or even discontinue
- FUSELAGE: Modernize IT infrastructure to enable integration and interoperability with the city's existing siloed legacy IT infrastructure to enhance service delivery capability
Where do you need to improve?
- Meet key objectives and targets
- Measure performance against objectives and targets
- Enable citizens to help themselves
- Deliver seamless service across channels
- Remove service bottlenecks
- Understand and control the cost of service delivery
- Better access to information for staff and citizens
- Motivate staff to improve service levels and morale
Information Age Applications for Smart Cities
0 Constituents
1 External Groups
2 Single Point Of Access
3 City Operations
4 City Infrastructure
5 City Administration
6 Human Resources
7 Financial Administration
8 Analytics
9 Governance, Risk & Compliance
10 IT Shared Services
Nervous System
Smart Cities are more than arrays of linked sensors; they are like an organism's nervous system: an ecosystem that collects information across a variety of sources and processes it for multiple uses, including making inferences from information and developing derivative as well as new information from those sources.
Data Driven Intelligence
- Governments and the Private Sector use data to drive their missions and need to overcome many of the same challenges
- Data is the connective tissue for reliable, timely, and integrated Intelligence
- Data has inherent value and when combined with other data
- New intelligence is the result of combining and linking this data together
- Must meet the demand of the data growth, analysis and actionable results
- Need to empower analysts, developers and data scientists to explore, test and evaluate with ease and speed
- Must address the complex legal, commercial, and privacy rights issues governing data usage
The Security and Privacy Paradigm
Privacy and security are closely related and context dependent. Security is closer to an absolute with variance in risk tolerance where privacy is more subjective in personal definition and application. Both concepts are screaming stop and walk away
Not just more security, adaptive security
- Security that can dynamically adapt to shifting context and risk
- Driven from the data layer and leveraged across the stack
- While relying on integrated identity management
- Supported by access controls, audit and real time notification
Risk-Aware Security
Secure Login Model Risk Fraud Prevention Analysis and Forensics
- Detect Anomalies: Username and password are correct, but is this really Mary?
- Evaluate transactions: Is Mary doing anything suspicious?
- Challenge or Block: Can Mary answer a challenge if the risk is high enough?
Real-Time Identity Theft + Fraud Prevention
[Diagram labels: Users, Merchants, Admins; Location, User, Device; Adaptive Access Control; Portals, Business Applications, Custom Applications]
- What A User Knows (Pin, Password, Challenge Questions)
- What A User Has (Device Fingerprinting)
- What a User Does (Behavior Pattern + Profiling)
- Where a User Is (Geo-Location)
Real-Time Identity Theft + Fraud Prevention
[Diagram labels: Users, Merchants, Admins; Computed Risk Score; Allow, Block, Challenge, Alert; Portals, Business Applications, Custom Applications]
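The computed risk score and the Allow / Challenge / Block / Alert outcomes from the slides above, as an added Python example that is not part of the original deck and not Oracle's product logic. The profile fields, signal names, weights and thresholds are assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Profile:                 # constructed baseline for one user
    devices: frozenset         # fingerprints seen before (what a user has)
    countries: frozenset       # usual geo-locations (where a user is)
    hours: range               # usual login hours (what a user does)
    typical_amount: float      # usual transaction size

@dataclass(frozen=True)
class Event:
    password_ok: bool          # what a user knows
    device: str
    country: str
    hour: int
    amount: float = 0.0

# Assumed weights and thresholds; a deployment would tune these on its own data.
WEIGHTS = {"new_device": 40, "new_country": 35, "odd_hour": 15, "large_amount": 25}
CHALLENGE_AT, BLOCK_AT = 40, 90

def risk_signals(ev, p):
    """Return the names of the anomaly signals this event raises against the profile."""
    checks = {
        "new_device": ev.device not in p.devices,
        "new_country": ev.country not in p.countries,
        "odd_hour": ev.hour not in p.hours,
        "large_amount": ev.amount > 5 * p.typical_amount,
    }
    return [name for name, hit in checks.items() if hit]

def decide(ev, p, challenge_passed=None):
    """Map an event to (action, score, signals, alert)."""
    if not ev.password_ok:
        return ("block", 100, ["bad_password"], False)
    signals = risk_signals(ev, p)
    score = min(100, sum(WEIGHTS[s] for s in signals))
    if score >= BLOCK_AT:                    # too risky even with a challenge
        return ("block", score, signals, True)
    if score >= CHALLENGE_AT:                # password was right, but is this really Mary?
        if challenge_passed is None:
            return ("challenge", score, signals, False)
        action = "allow" if challenge_passed else "block"
        return (action, score, signals, not challenge_passed)
    return ("allow", score, signals, False)

# Constructed sample profile for the slides' user "Mary".
MARY = Profile(frozenset({"fp-laptop-01"}), frozenset({"CA"}), range(7, 20), 200.0)
```

A correct password from an unknown device scores 40 and is challenged; an unknown device in a new country at 03:00 with a large transaction is blocked and raises an alert.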
Oracle Identity Management
- Secure Hybrid Identity Solution: Leverage security investment; Manage cloud/enterprise access; Address regulatory compliance
- Securing Digital Transformation: Enable digital business; Multi-channel user experience; Contextual risk-aware security
- Open, Scalable and Agile: Rapid time-to-value; Cloud architecture scale; Standards and APIs
IDENTITY MANAGEMENT EVOLUTION
Enterprise, Cloud, Mobile
- DIRECTORY: Consolidating Authoritative Sources
- ACCESS: Attribute Based Access Control and UAAS Federation
- GOVERNANCE: Enforcing Least Privilege and Addressing the Insider Threat
Current Community Challenges
- Authorization Beyond Identities & Roles
- Address the Insider Threat
- Extend Security Infrastructure to Remote Sites
- Ensure Alignment with Community Cloud
How Can These Challenges Be Addressed?
- Fine Grained Access with ABAC
- Profile and Behavior-based Access
- Leverage UAAS Federation and Attribute Sharing
- Employ Industry Vetted Security Standards and APIs
Protect Databases from Attacks
[Diagram labels: Users, Applications, Privileged Users, Dev/Test, Partners, BI, CX App, Key Vault]
- Data Redaction: dob:xx/xx/xxxx ssn:xxx-xx-4321
- Privileged User DB Controls: Access denied (Date of Birth, SSN)
- Data Encryption: *7#$%!!@!%afb ##<>*$#@34
- Data Subsetting: Region, Year, Size-based
- Data Masking: dob: 12/01/1987 xxxxxxxxxx 11/05/1999
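The difference between the redaction, masking and subsetting controls named on this slide, as an added Python example that is not part of the original deck and does not use Oracle's APIs. The sample row, the `authorized` flag, the masking key and the HMAC-based substitution are assumptions for illustration.

```python
import hashlib
import hmac
from datetime import date, timedelta

# Constructed production row (sample data).
ROW = {"name": "Mary", "dob": "12/01/1987", "ssn": "123-45-4321", "region": "West"}

def redact(row, authorized=False):
    """Redaction: applied when data is displayed; the stored row is unchanged.
    Sessions that are not authorized get dob:xx/xx/xxxx and ssn:xxx-xx-<last 4>."""
    out = dict(row)
    if not authorized:
        out["dob"] = "xx/xx/xxxx"
        out["ssn"] = "xxx-xx-" + row["ssn"][-4:]
    return out

def keyed_int(key, label, value):
    """Keyed HMAC-SHA256 reduced to an integer: the same input always maps to the
    same substitute, so masked tables still join on the masked column."""
    mac = hmac.new(key, f"{label}:{value}".encode(), hashlib.sha256).digest()
    return int.from_bytes(mac[:8], "big")

def mask(row, key):
    """Masking: build a substitute row for a dev/test copy. The formats are kept,
    the real dob and ssn are absent from the copy."""
    out = dict(row)
    fake_dob = date(1950, 1, 1) + timedelta(days=keyed_int(key, "dob", row["dob"]) % 20000)
    out["dob"] = fake_dob.strftime("%m/%d/%Y")
    n = keyed_int(key, "ssn", row["ssn"]) % 10**9
    out["ssn"] = f"{n // 10**6:03d}-{n // 10**4 % 100:02d}-{n % 10**4:04d}"
    return out

def subset_and_mask(rows, key, region):
    """Subset first (here by region), then mask what is left before it leaves production."""
    return [mask(r, key) for r in rows if r["region"] == region]
```

The masking key has to stay out of the dev/test environment: the SSN space is small enough that anyone holding the key could enumerate it and match the substitutes.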
Audit, Monitor, and Detect
[Diagram labels: Users, Applications, Database Firewall, SYBASE, Network Events, Alerts, Audit Data, Reports, Policies, Audit Vault, Audit Data, Event Logs]
Security From The Ground Up
- SECURITY INSIDE OUT: Security close to the data eliminates guesswork, maximizes performance with application transparency
- DEFENSE IN DEPTH: Layered overlapping controls with encryption, masking, auditing, monitoring, access control, redaction, ...
- ENTERPRISE SCALE DEPLOYMENTS: Across multiple systems: operating systems, heterogeneous databases, applications, ...
- CONTINUOUS INNOVATIONS: Transparent Data Encryption, DBA Control, Redaction, Privilege Analysis, DB Firewall, RAS, Cloud, ...
Defense-in-Depth for Maximum Security
- PREVENTIVE: Encryption; Redaction and Masking; Privileged User Controls
- DETECTIVE: Activity Monitoring; Database Firewall; Auditing and Reporting
- ADMINISTRATIVE: Privilege Analysis; Sensitive Data Discovery; Configuration Management
Address Cloud Database Security Challenges
Risks for Databases in Cloud
- Sensitive data exposure on test/dev/partner
- Loss of clear-text data
- Block access to encryption keys
- Block access by the cloud DBAs
- Monitor Database activity
Risk Mitigation
- Mask and subset before moving to cloud
- Encrypt data by default
- Control keys with on-premise Key Vault
- Restrict DBA access with Database Vault
- Audit and monitor with on-premise Audit Vault and Database Firewall
Maintain Control and Visibility
* Work in Progress
First, know your own system: some highlights
- Identify business goals and objectives
- Understand and optimize processes and workflows for the applicable operational and technological environment
- Generally understand the nature of the data and the resulting risk both to the enterprise and the end user/data subject of a compromise of the data
- Associate roles and privileges to those persons who will access data and assure that they are trained and accurately maintain roles and privileges as they change and apply appropriate separation of duties
- Identify risks/threats, determine acceptable risk and mitigate risk to acceptable levels
- Security lifecycle management, training, incident response, business continuity