\n
Cloud, social media<\/a> and mobile technology advancement is fundamentally altering the way businesses operate.With the proliferation of digital and social media, a vast amount of information is being exchanged across multiple platforms. Most mobile applications work only post getting access at least to the phonebook, camera and location. Pokemon Go<\/a>, a popular game, hit the headlines due to its in-built security and privacy concerns as it uses GPS and contacts to function. Hackers<\/a> realised that the best way to target users would be to provide them with a mirrored game due to its unavailability in specific regions like India.
\n
As per EY<\/a>'s Global Information Security Survey (GISS) 2015, 38% of respondents mentioned that they address security in new business processes and technologies but not privacy specifically. More telling, and perhaps more concerning, is that for nearly half (46%) of survey respondents, their number one or two concern is not having a clear picture of where personal information is stored or processed outside of their main systems and servers.
\n
The ever evolving threat landscape driven by the connected world is forcing law enforcement agencies to enhance the privacy legislation regime across the globe. This is today, one of the biggest challenges faced by many organisations and it will only get bigger with introduction of newer legislations and frameworks around data privacy<\/a>.
\n
\nPrivacy rules in India were first established in 2008, and even post implementation of the first set of rules in the IT (Amendment) Act 2008, the scope of the measures were limited. To reinforce these protections, Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011, was introduced by the Indian government.
\n
\nHowever, India does not have any separate law which is designed exclusively for data protection and is yet to have an effective and concrete legislation for data privacy. A new legislation dealing specifically with the protection of data and information present on the web is the need of the hour. However, while drafting laws, the legislature has to be cautious of maintaining a balance between the interests of the common people and tightening its grip on the increasing rate of cyber crimes.
\n
\nWith GDPR (General Data Protection Regulation) coming into force in May 2018, the rules of business will change for Indian organisations having a footprint in Europe. All organisations based out of India and serving the European continent, need to adhere to the GDPR requirements. This would also mean big changes ahead for Indian organisations processing personal data on behalf of their European customers.
\n
\nThe data processors were only bound by the contractual requirements as agreed upon with the controllers and the controllers remained accountable for compliance with data protection principles and associated fines for non compliance. With GDPR, processors will also be directly subject to the same compliance obligations, legal requirements and punishment for noncompliance as controllers.
\n
\nTo thrive in this rapidly-changing regulatory environment, organisations will have to start a new compliance journey by assessing their current position in terms of privacy maturity as accountability shifts from regulators to organisations.
\n
\n(The writer is Partner - Cyber Security in EY India)<\/em>
\n.\n\n<\/body>","next_sibling":[{"msid":56194852,"title":"Most\nFreeCharge payments done within 10 seconds: CEO","entity_type":"ARTICLE","link":"\/news\/most-freecharge-payments-done-within-10-seconds-ceo\/56194852","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[],"msid":56196322,"entity_type":"ARTICLE","title":"View: Tech advancement is altering the way businesses operate in India","synopsis":"Hackers realised that the best way to target users would be to provide them with a mirrored game due to its unavailability in specific regions like India.","titleseo":"telecomnews\/view-tech-advancement-is-altering-the-way-businesses-operate-in-india","status":"ACTIVE","authors":[],"Alttitle":{"minfo":""},"artag":"ET CONTRIBUTORS","artdate":"2016-12-27 11:27:57","lastupd":"2016-12-27 11:28:26","breadcrumbTags":["Internet","Hackers","cyber crime","Social media","EY","Data privacy","Pokemon Go"],"secinfo":{"seolocation":"telecomnews\/view-tech-advancement-is-altering-the-way-businesses-operate-in-india"}}" data-authors="[" "]" data-category-name="" data-category_id="" data-date="2016-12-27" data-index="article_1">
伯吉斯库珀
云,社交媒体和移动技术进步从根本上改变了企业运营的方式。随着数字和社交媒体,大量的信息被交换了跨多个平台。大多数移动应用程序只能获得至少电话簿,相机和位置。口袋妖怪去,一个受欢迎的游戏,成为新闻头条由于其内置的安全和隐私问题,因为它使用全球定位系统(GPS)和联系人功能。黑客意识到目标用户的最好的方法就是为他们提供一个镜像游戏由于其不可用在像印度这样的特定区域。
按莎莉的全球信息安全调查(GISS) 2015年,38%的受访者提到,他们在新的业务流程和技术解决安全但不特别隐私。更能说明问题的,或许更令人担忧,近一半(46%)的受访者,他们的数量一个或两个问题是没有一个明确的个人信息存储或处理以外的主要系统和服务器。
连接世界的景观由不断变化的威胁迫使执法机构提高全球隐私立法制度。这是今天,许多组织所面临的最大挑战之一,它只会变得更大与引入新的立法和框架数据隐私。
隐私规则最初成立于2008年,在印度,甚至实现后的第一组规则(修正案)法案2008年,措施的范围有限。这些保护,加强信息技术(合理的安全操作和规程和敏感的个人数据或信息)2011年规则,介绍了由印度政府。
然而,印度没有任何单独的法律设计专门为数据保护和尚未有一个有效的数据隐私和具体立法。一个新的立法专门处理数据和信息的保护现在的网络的需要小时。然而,尽管起草法律,立法机关必须谨慎的维护老百姓的利益之间的平衡和收紧网络犯罪的增加率。
GDPR(通用数据保护监管)2018年5月生效,业务将改变印度的规则组织在欧洲有一个足迹。所有组织的印度和欧洲大陆,需要坚持GDPR需求。这也意味着未来的巨大变化对印度组织处理个人数据代表的欧洲客户。
数据处理器只受合同约束要求约定的控制器,控制器仍负责符合数据保护原则和相关罚款不合规。GDPR,处理器也将直接受到相同的合规义务,法律要求为不服从和惩罚控制器。
茁壮成长在这个日新月异的监管环境,组织将不得不开始新的合规评估他们旅行当前位置的隐私方面的成熟组织的监管机构的问责制转变。
(作者是合作伙伴——网络安全是印度)
。
云,社交媒体和移动技术进步从根本上改变了企业运营的方式。随着数字和社交媒体,大量的信息被交换了跨多个平台。大多数移动应用程序只能获得至少电话簿,相机和位置。口袋妖怪去,一个受欢迎的游戏,成为新闻头条由于其内置的安全和隐私问题,因为它使用全球定位系统(GPS)和联系人功能。黑客意识到目标用户的最好的方法就是为他们提供一个镜像游戏由于其不可用在像印度这样的特定区域。
按莎莉的全球信息安全调查(GISS) 2015年,38%的受访者提到,他们在新的业务流程和技术解决安全但不特别隐私。更能说明问题的,或许更令人担忧,近一半(46%)的受访者,他们的数量一个或两个问题是没有一个明确的个人信息存储或处理以外的主要系统和服务器。
连接世界的景观由不断变化的威胁迫使执法机构提高全球隐私立法制度。这是今天,许多组织所面临的最大挑战之一,它只会变得更大与引入新的立法和框架数据隐私。
隐私规则最初成立于2008年,在印度,甚至实现后的第一组规则(修正案)法案2008年,措施的范围有限。这些保护,加强信息技术(合理的安全操作和规程和敏感的个人数据或信息)2011年规则,介绍了由印度政府。
然而,印度没有任何单独的法律设计专门为数据保护和尚未有一个有效的数据隐私和具体立法。一个新的立法专门处理数据和信息的保护现在的网络的需要小时。然而,尽管起草法律,立法机关必须谨慎的维护老百姓的利益之间的平衡和收紧网络犯罪的增加率。
GDPR(通用数据保护监管)2018年5月生效,业务将改变印度的规则组织在欧洲有一个足迹。所有组织的印度和欧洲大陆,需要坚持GDPR需求。这也意味着未来的巨大变化对印度组织处理个人数据代表的欧洲客户。
数据处理器只受合同约束要求约定的控制器,控制器仍负责符合数据保护原则和相关罚款不合规。GDPR,处理器也将直接受到相同的合规义务,法律要求为不服从和惩罚控制器。
茁壮成长在这个日新月异的监管环境,组织将不得不开始新的合规评估他们旅行当前位置的隐私方面的成熟组织的监管机构的问责制转变。
(作者是合作伙伴——网络安全是印度)
。
评论
现在评论 阅读评论(1)所有评论
找到这个评论进攻?
下面选择你的理由并单击submit按钮。这将提醒我们的版主采取行动