Identity, privacy, trust and transformation – private sector perspectives Russell Craig National Technology Officer, Microsoft NZ russell.craig@microsoft.com “” On the Internet, nobody knows knew that you are a dog When the New Yorker published this cartoon in 1993 it was funny because it was true. Now it is likely to be false. In the age of big data we can know what breed of dog you are, your favorite snacks, your lineage, where you live, which dogs you associate with, whether you’ve ever won any awards at a dog show etc. What is human (digital) identity? • Unique and individual “…the set of characteristics that somebody recognizes as belonging uniquely to herself, and constituting her individual personality for life...” • Contextual and situational “…is contextual and situational, and inseparable from the ways people connect to one another: via ethnic and religious, political, vocation and avocation, personal relationships, and other groups identities…” Concepts of digital identity broaden as we become more networked • My devices • My data • My agents • My online activity • My affiliations • Etc. In sum, human identity is multi-faceted and complex – especially in the digital domain Digital identities are fractured because apps, services, platforms and organisations fragment and silo data “Today’s Internet is based on a patchwork of identity one-offs. People lack a framework for controlling or even remembering the many different aspects “Today’s Internet is based on a patchwork of identity one-offs. a framework for controlling ofPeople theirlackdigital existence. ” or even remembering the many different aspects of their digital existence.” Warburton, S. (Coord.) (2010). Digital Identity Matters. Rhizome awareness report. London: King’s College London. What should we care about? “Our vision: New Zealand is a world leader in the trusted, inclusive and protected use of shared data to deliver a prosperous society” 1.Get the rules of the game right. 2.Create value by doing. 3.Establish the foundations: value, inclusion, trust and control. What should we care about? “Our vision: New Zealand is a world leader in the trusted, inclusive and protected use of shared data to deliver a prosperous society” 1. Get the rules of the game right. 2. Create value by doing. 3. Establish the foundations: value, inclusion trust and control. Harnessing the Economic and Social Power of Data; NZ Data Futures Forum (2015) Big = big opportunity For governments: • Budget savings • Transparency and responsibility • Real insight into society • Optimal decisions Big data = big opportunity For business: • Converting products to services • Expanded value chains • New business models • Educated targeting From Product to Ser vice V = V0 + A∙N + B∙N2 Value for customer Socialization of Business Clients Employees Partners Imminent value Mobility & Connectivity Volume value Network value On Premise Off Premise Value Big Data & BI http://www.businesslogicsystems.com/Data%20Managemen What about trust? Microsoft’s approach to trust: building security, privacy, transparency and compliance into the cloud “Hyperscale” public cloud: fundamental to IoT and big data Network Services Data Storage Compute Analytics App Services Microsoft Azure global physical infrastructure Over 1 million servers Stores over 50 trillion objects Handles on average 127,000 requests/second Peak of 880,000 requests/second > 2 billion active directory transactions/day Over $5B capital invested p/a 14 The Microsoft Cloud 200+ cloud services, 1+ million servers, $15B+ infrastructure investment 1 billion customers, 20 million businesses, 90 countries worldwide1 300+ million 3.5 million active 57% of Fortune 5004 10,000 new subscribers per week2 users per month5 users4 Online 5.5+ billion worldwide queries each month3 1.2 billion worldwide users2 48 million members in 57 countries4 450+ million unique users each month6 15 A Trustworthy Cloud Built-in capabilities and customer controls for organizations Trustworthy Cloud: Customer Assurance – It’s Your Data Datacenter Security Services Access Data in Transit Data at Rest Data Location Predictability No Advertising Horizontal Industry Specific Independent Verification Customer Controls Software Development Cloud Infrastructure Incidents & Breaches Information access Controls Extensive experience and credentials CSA Cloud Controls Matrix HIPAA/ HITECH SOC 1 2010 2011 ISO/IEC 27001:2005 UK G-Cloud OFFICIAL SOC 2 2013 2012 FISMA ATO Singapore MCTS 2014 FedRAMP P-ATO Operations Security Assurance AU IRAP Accreditation EU Data Protection Directive CJIS CDSA 2015 PCI DSS Level 1 ISO/IEC 27018 18 ISO/IEC 27018 Microsoft is the first major cloud provider to adopt the first international code of practice for governing the processing of personal information by cloud service providers. Prohibits use of customer data for advertising and marketing purposes without customer’s express consent. Prevents use of customer data for purposes unrelated to providing the cloud service. 19 russell.craig@microsoft.com
© Copyright 2024