Privacy A Corporate Responsibility

1
Privacy A Corporate Responsibility
Ronald Ross, CEO
2
Privacy A Corporate Responsibility

• How bad it gets?
• Social and economic implications
• Legislations
• Challenges
• MSS and privacy
• Conclusion

3
Refreshing Statistics

• The U.S. Federal Trade Commisions Hotline
  received 445 phone calls per week in November of
  1999
• By June 2001 the number rose to 1800 calls per
  week

4
Categories of Identity Theft

• Credit Card fraud
• Unauthorized Phone or Utility Services
• Bank Fraud
• Fraudulent Loans
• Government Documents or Benefits
• Other Identity Theft
• Multiple Types

5
More Statistics
Source U.S. Office of the Inspector General,
August 1999
6
Canadians Accessing the Internet
Source Industry Canada
7
Use of the Internet by Sectors
Source Industry Canada
8
Barriers to E-Commerce Development
Source Deloitte and Touche
Source Ekos Research Associates
9
Privacy Legislations

• CANADA
• Personal Information Protection and Electronic
  Document Act, April 13, 2000
• U.S.
• Health Insurance Portability and Accountability,
  1996
• Childrens Online Privacy Protection Act, 1998
• Gramm-Leach-Bliley Act for the banking industry,
  1999
• Europe
• Data Protection Directive, 1995
• Telecommunications Directive, 1997
• Australia
• The Privacy Amendment Act, 2000
• Japan
• Guidelines Concerning the Protection of Personal
  Information Associated with Electronic Computer
  Data Processing in the Private Sector, 1989

10
Most Recent Developments

• U.S.
• Federal Trade Commission will hold a workshop in
  December 2001 to assist companies with writing
  privacy policies that comply with
  Gramm-Leach-Bliley Act
• October, 2001 - California Creates Identity Theft
  Law, Senate Bill 168
• Europe
• Anti Spam legislation
• Echelon report accepted

11
Security and Privacy

• IT Security and Privacy are closely related
• Without proper security and security policies,
  the privacy cannot be enforced
• Technology is just an enabler to protect the
  private information
• People are managing the technologies and risks

12
Challenges

• Complexity of the systems, including the OS.
  Microsoft Windows 2000 estimated to have 35-40
  million lines of codes
• Network configuration errors
• Shortage of qualified IT security personnel and
  turnover
• Costly to maintain in-house
• Lack of funding
• Human factor

13
Compliancy with the Privacy Act Basic Questions

• Do you have a Security policy in place?
• Do you enforce your Security policy?
• Do you encrypt all private and sensitive data?
• Do you monitor any unauthorized access to private
  information?
• How the cookies are handled in your organization?
  Who can access the cookies?

14
How JETNET Can Help You
15
A Brief Introduction to JETNET

• Founded in 1998 in Ottawa as a JetForm
  Affiliate
• Design of International Deployment of VPN/FW
• First mover in Managed Security Services
• Recognized as a Pioneer by TeleManagement
• Ottawa, Toronto Locations
• 7/24 Internetworking Operations Centre (IOC)
• JETNET is Canadas leading Managed Security
  Services Provider
• Impressive Customer List
• Patent pending technology and service delivery

16
JETNET Technology Partnerships

• Partnerships with the leaders in the security
  market
• Best of breed technology offering

17
We Offer to You...

• Focus
• Our only offering is MSS (Has been for the last 3
  years)
• Track Record
• Blue Chip Customers, Systems, People
• Trust factor/Relationship has been established
  and maintained
• Mature Offering
• 3 Year design and development
• Process Driven and extensive expertise
• Investment in Infrastructure has been made
• Annuity, High Leverage Model in a High Growth
  Market
• Ability to compensate your team and deliver
• Continued Support
• Employees, Customers and Investors

18
JETNET Services

• Managed Firewall
• Managed VPN Branch
• Managed VPN Remote Access
• Managed Radius Authentication Service
• Managed Authentication VPN
• Managed Authentication Web
• Bundled Security Service FW, VPN, FW/VPN
• Professional Services
• Vulnerability assessment services

19
MMRH Service Offering
20
JETNET Global Coverage
- Coverage by countries
21
JETNETs Technology Can Help To Safeguard Your
Network

• Security Activity Manager Collection Agent or SCA
  is an agent on a dedicated HW
• SCA can securely track different events and log
  files within the LANs DMZ area
• Top 10 Web sites reports
• Top 25 Users
• In-house developed or third party applications
  for monitoring privacy compliance can be deployed
  and alerts can be generated in a real-time

22
Business Models Comparison
23
JETNET Customer Data Flow
24
SCA Deployment
25
Monitoring The Privacy Act Compliance

• Privacy compliance audits
• Recommendations/implementation for improvement,
  based on the results of audits
• Proactive Managed Security Services protect the
  networks
• Managed applications inside the customer network
  (SCA) to monitor any unauthorized behavior and
  notify the customer

26
Conclusion
Technological advances have also facilitated
identity theft, the availability and misuse of
electronic account and personal information.
Identity theft poses significant risks to
financial institutions and individuals alike. The
Internet is also engendering other bank-related
frauds.
Statement of Charles L. Owens Chief, Financial
Crimes Section, FBI in a hearing on Financial
Instrument Fraud held by the Subcommittee on
Financial Services and Technology Committee on
Banking, Housing, and Urban Affairs U.S. Senate
Sept. 16, 1997.
27
Thank You