Upload
alpesh-doshi
View
900
Download
0
Embed Size (px)
DESCRIPTION
Presentation Ovum Financial Technology Forum
Citation preview
Managing IT Security and Data Privacy Security to Enhance the
Client ExperienceOvum Financial Services Technology
Forum
25th June 2013
Alpesh Doshi
Fintricity
A CHANGE IN CUSTOMER RELATIONSHIPS
Most B2C Brands Use Social Media
Engagement is now part of the
FABRIC
Customers want a better relationship with their BRANDS
SOCIAL DATA IS A NEW CURRENCY OF ENGAGEMENT
We generate vast amounts of DATA
On the web and Social sites
Data on our likes, activities, friends, views/opinions
Social Data is now a currency that can be used to build one-to-one relationships with customers.
Carefully harvesting, analysing and leveraging social media data, banks may be able to gain valuable insight into customer investment patterns, market trends and value propositions.
WHAT KIND OF DATA IS AVAILABLE?
WHAT KIND OF DATA IS AVAILABLE?
DemographicsAge, Gender,
Geography, HHI, Level of
Education, List of friends, Friends of Friends
InterestsProfile-Based, Contextual,
Demonstrated, Undeclared
ActionsCreating, Rating, Sending, Sharing,
Uploading, Watching, and more
InteractionHow people interact
with content and ads: Clicks, time spent, interactions, videos
completed
Recency and Frequency
How often and when people
express interests or actions
Sentiment and Exposure
What people say, what they read, and when and how they
say and read it
SECURITY STRATEGY FOR PERSONAL DATA
Data Protection and Data Privacy regulations must be implemented
Information Risk Standards – ISO 27001
Regulatory and FCA/PRA Requirements
SECURITY STRATEGY FOR PERSONAL DATA
DATA PROTECTION• Personal data must be processed fairly
and lawfully
• Obtained for only one or more specified lawful purpose
• Adequate, relevant and not excessive
• Accurate and kept up to date
• Not be kept for longer than is necessary
• Processed in accordance with data subjects’ rights
• Appropriate technical and organisational measures
• No transfer outside the EEA unless adequate protection
RISK MANAGEMENT• Brand Reputation and loss of credibility can
be catastrophic for a financial services organisation
• Confidential Information about identified individuals, even though some of the data is publicly available, must be ‘managed’ carefully
• Internal Policies, both business and technology policies must be coherent and linked across departments
• Monitoring and management of these risks, and how they meet requirements must be implemented
GAPS IN APPROACHES BY FINANCIALS SERVICES COs
Most firms don’t have joined up policies.
Firms tend to have a reactive approach to implementing risks and only do so when an event happens.
Integrated Monitoring is key.
Most firms have not identified data or assessed security risks that are faced by firms.
Data ownership and use of Social .has not been considered yet, but is being used
SECURITY SOLUTIONS AND ARCHITECTURES
Build architectures that incorporate security from the start
The volumes and timeliness of Social Data requires revised operating models and systems architecture
Governance, Risk, Compliance solutions updated
Data Security and Use Lifecycle approach created in an integrated way
Risk Mitigation must be the business imperative, but enable agility and improved customer engagement
SUMMARY
Data Privacy and IT Security has become more complex.
Data Protection and Privacy, Information Risk (ISO 27001), and Regulatory Requirements must be combined into a overall Security Strategy
A combination of business and technology approaches are required
It requires joined up thinking and implementation between the business and IT
Thanks for Listening
Any Questions?
Alpesh Doshi, Fintricitym: +44 7973 822820
w: www.fintricity.com
t: @alpeshdoshi
l: www.linkedin.com/in/alpeshdoshi
References• Guarding the Social Gates, The imperative for Social media Risk Management, Alan Weber, Altimeter Group, August 2012
• Social Data: Managing data privacy and other Legal Risks, Belinda Doshi, Partner, Nabarro, September 2012
• FCA – Data Security http://www.fsa.gov.uk/pubs/other/data_security.pdf
• The Social Banker – Social Media Lessons from Banking Insiders KPMG, April 2012