The Privacy Cockpit for Smartphones · Mobile Devices Smartphones handle Information: Generate...
Transcript of The Privacy Cockpit for Smartphones · Mobile Devices Smartphones handle Information: Generate...
The Privacy Cockpit for SmartphonesConfiguration of Data Secrecy made easy
Thomas Maier, Jörn-Marc Schmidt, Lukasz Kubik, Thomas Mohnhaupt, Corinna Lingstädt
secunet Security Networks AG
Mobile Devices
Smartphones handle Information:
Generate
Store
Process and
Share data.
Who knows about / controls the data flow?
of users would pay for privacy
Data Protection
Privacy Protection of Business Data
Data Protection
Mobile Device Management
Protecting (company) data
Central configuration
Policies defined by experts
Requires appropriate infrastructure
Manual Configuration
„MDM: Enterprises-Only“ - ?
„MDM for Everyone“
The Privacy Cockpit
Privacy Cockpit Web-Portal
YOP-App(YourOwnPrivacy)
Privacy Cockpit Web Portal
Awareness
Explain risks
Dos & don’ts
Expert know-how
Explain possibilities
Discus impact of solutions
Pre-configured rule-Sets
Device configuration
Impact on Privacy
The user
Is informed about risks and solutions
Is able to make well-grounded decisions
Is in control of the policies
Easy generation of policies
Starting with pre-defined policies
Relying on knowledge of an expert database
Adapting policies
Impact on BYOD
The user configures his phone
Privacy Cockpit certifies security level
based on the user‘s configuration
Company decides whether to allow access
based on the certificate
Trust in the Privacy Cockpit as third party
Company must be informed about changes
HOW COULD IT LOOK LIKE?
„Work Flow“
Configuration of Policies
Configuration of Policies
Limits
Restricted OS APIs
No access to low-level features
System app are excluded
Next Steps
“Blur” requested data
One-time rights
Complex rule-sets
Analytics of data/sensor access
Privacy & BYOD: A „Hot-Topic“
Data protection:
Private information
Business data
On lost phones
Awareness!
Usability-concept
The OS is the limit
“Certificates” for BYOD
The Privacy Cockpit for SmartphonesConfiguration of Data Secrecy made easy
Thomas Maier, Jörn-Marc Schmidt, Lukasz Kubik, Thomas Mohnhaupt, Corinna Lingstädt
secunet Security Networks AG