Security for Data TransfersSlide 2Slide 3Slide 4Slide 5Slide 6Slide 7Slide 8Security for Data TransfersSecurity for Data TransfersProtecting Customer DataProtecting Customer DataSecurity for Data TransfersSecurity for Data TransfersThe Business NeedThe Business Need Volkswagen Germany (VWAG)Volkswagen Germany (VWAG) wants information on the daily cash position of wants information on the daily cash position of Volkswagen Credit (VCI-US)Volkswagen Credit (VCI-US)Security for Data TransfersSecurity for Data TransfersThe ProblemThe ProblemHow do we protect non-public customer How do we protect non-public customer data that is being electronically transmitted data that is being electronically transmitted from the United States to Germanyfrom the United States to GermanySecurity for Data TransfersSecurity for Data TransfersProblem SpecificsProblem SpecificsLegalLegal1.1.Federal laws have specific rules & guidelines Federal laws have specific rules & guidelines on what type of information is allowed out of on what type of information is allowed out of the country.the country.2.2.US Consumer & Privacy laws must be followed US Consumer & Privacy laws must be followed in all cases.in all cases.Security for Data TransfersSecurity for Data TransfersProblem SpecificsProblem SpecificsDataDataFor that information that can be sent:For that information that can be sent:1.1.Both parties must agree on data mappings, Both parties must agree on data mappings, definitions, and data types.definitions, and data types.2.2.The originating data source is Sybase The originating data source is Sybase 3.3.The receiving data source is Oracle / SAPThe receiving data source is Oracle / SAPSecurity for Data TransfersSecurity for Data TransfersProblem SpecificsProblem SpecificsTransportTransportA secure mechanism for transport must be A secure mechanism for transport must be selected that is acceptable to both partiesselected that is acceptable to both partiesSolution -> Secure FTP was chosenSolution -> Secure FTP was chosenSecurity for Data TransfersSecurity for Data TransfersProblem SpecificsProblem SpecificsEncryptionEncryptionThe data must be encrypted to ensure privacy, The data must be encrypted to ensure privacy, confidentiality, and integrity for: confidentiality, and integrity for: Both the Corporation & CustomerBoth the Corporation & CustomerSolution: GNU Privacy GuardSolution: GNU Privacy Guard128-bit Open PGP128-bit Open PGPSecurity for Data TransfersSecurity for Data TransfersSolutionsSolutionsLegal – Legal – Adhere to Data privacy & exportation lawsAdhere to Data privacy & exportation lawsData – Data – Only send what the receiver needsOnly send what the receiver needsTransport – Transport – Compatible for receiver and sender Compatible for receiver and sender Encryption – Encryption – Must be secure and standardMust be secure and
View Full Document
Unlocking...