ideate january 2015

22
TRANSFORMING BUSINESS DEVELOPMENT SummIT—THE TECHNOLOGY CELL, NMIMS

Upload: summit-nmims

Post on 07-Apr-2016

238 views

Category:

Documents


1 download

DESCRIPTION

SummIT, The Technology cell of SBM NMIMS, Mumbai presents its January 2015 edition of its newsletter - Ideate!!

TRANSCRIPT

Page 1: Ideate January 2015

TRANSFORMING BUSINESS DEVELOPMENT

SummIT—THE TECHNOLOGY CELL, NMIMS

Page 2: Ideate January 2015

IDEATE JANUARY 2015

EDITOR’S NOTE

TEAM SUMMIT

President

ARJUN KRISHNAN

Vice President

PRATYUSH PANDA

Creatives Head

MEGHNA GUPTA

Editorials Head

VIBHU VATSALA SOOD

Events Head

RIDDHI KUNDU

New Initiatives Head

TARUN GUPTA

“Privacy is one of the biggest problems in this new electronic age”

—Andrew Grove, Former CEO, Intel.

Dear Readers,

In today’s Internet of Things, we are more connected than ever

before. However, “WE ARE BEING WATCHED”. The data we put

on the Internet isn’t so secure and private after all! In this edi-

tion, we explore the intriguing trade-offs, which the technologi-

cal community strives to achieve between surveillance technol-

ogies and privacy.

SummIT- The Technology Cell of NMIMS, presents to you our

January newsletter ‘IDEATE’ on the theme “Data privacy – The

price we pay for technology”. This edition includes an exclusive

chat with Mr. Prakash Baskaran, CEO, Pawaa Software, focusing

on data security as a service and Pawaa’s work in the realm of

Information Rights Management. Also, we bring to you, the two

best articles on the cover theme selected from amongst the

huge number of entries received from business schools across

India.

It is our constant endeavour at SummIT to keep our readers

abreast with the latest technological innovations that have the

potential to make an impact in the coming future. The

Techbytes section looks at two such disruptive innovations De-

tekt and Rico. To promote and honour the spirit of entrepre-

neurship in technology, in this edition, we take a closer look at

two startups – Pawaa and Bitglass.

We thank the authors and the esteemed guest for their valua-

ble contributions. We are also grateful to our readers’ constant

patronage which has encouraged IDEATE to reach new heights.

We would love to hear from you, for any feedback or sugges-

tions, please feel free to write in to us at [email protected].

Enjoy Reading!!

-The Editor, iDEATE

Page 3: Ideate January 2015

IDEATE JANUARY 2015

WHAT IS IN STORE...

PRIVACY : THE PRICE WE PAY FOR TECHNOLOGY

PAWAA SOFTWARE : CHAT WITH THE CEO

TECH BYTES

STARTUPS

GOVERNMENT SNOOPING : JUSTIFIED?

Page 4: Ideate January 2015

CEO, Pawaa software

IDEATE JANUARY 2015

TECH CHAT WITH PRAKASH BASKARAN

INTERVIEW

1

Tell us something about yourself.

I come from a family of traders and we

have traditionally been in business. Per-

haps in some sense, I was a black sheep of

the family. I studied engineering unlike

others in the clan, and went on to do Mas-

ters from US; I also worked for large cor-

porations like IBM, Lucent and AT&T.

I later drifted into providing technology

consulting; I joined a company called

Xcelerate that provided consulting to start

-ups in getting into the B2B marketplaces.

The job was to consult with my start-up

customers in investing in off-the-shelf

products or developing their own market

place. That is when I was first introduced

to the exciting world of start-ups.

After 3 years at Xcelerate, at the peak of

the internet boom, I started my first com-

pany, which provided the same technolo-

gy consulting services. After the bust of

B2B, I went to do an MBA in 2001 and

then ran a small healthcare lab.

A couple of years later, I shifted back to

India. My next initiative was in the HR

space for creating platform and standards

to streamline online recruiting. Later, I

started a company to offer calling services

using Voice over IP to leverage the cost

arbitrage from India. I ran this for about

4-5 years.

"Mr. Prakash Baskaran has been a serial entrepreneur. He started his career working with

giants like IBM, AT&T and later forayed into the world of startups working with several

companies in different domains before starting his own venture in the techspace to deal

with data security.

SummIT is glad to present the highlights of the interview with Mr. Baskaran on Pawaa.

Page 5: Ideate January 2015

IDEATE JANUARY 2015

INTERVIEW

2

You might wish to call me a serial entre-

preneur, because next I went on to start a

company, which was neither geograph-

ically dependent, nor vertically focused. I

always wanted to create something that

had a much wider applicability like data

security. That was a ‘voila’ moment and I

started Pawaa.

With proliferation of web connected de-

vices and smart components generating

too much data, security is going to be-

come very important. Information securi-

ty is tied to devices; the content largely is

still insecure. With mobility, Internet and

cloud, data security is imperative. Howev-

er, we cannot view security in isolation;

there is so much to it in terms of network

security, device security etc. Just securing

devices is not enough, we need to be

able to secure content and that is just as

significant.

Why does IRM – Information Rights

Management face resistance?

The traditional paradigm of IRM was to

tightly integrate the four aspects of au-

thentication & authorisation, encryption

& decryption, policy management and

policy enforcement. This old-fashioned

way has to change. With our approach,

we can authorize the user based on any

type of authentication source – OAuth

(google, yahoo, live, box, etc.), AD/LDAP,

OTP (one time passwords), Secure tokens,

device ids, certificates, among other

means; thus obviating need for maintain-

ing multiple identities.

Why is IRM not very popular?

IRM, due to its faulty development has

not been well received by customers.

Microsoft requires one to authorize

against Active Directory. For instance, Mi-

crosoft forces one to use document types

from their ecosystem. Consider if your

organization is using Google Apps for mail

and OneDrive for cloud storage, what is

one supposed to do in that case.

The tight integration of authentication &

authorisation, encryption & decryption,

policy management and policy enforce-

ment, is undoing the IRM software. This

compels people to maintain multiple

identities, limits the use cases, limits the

supported applications and eventually

creates a Snowden situation within any

organization. With our approach, we can

support multiple types of file transac-

tions, since the four components are

Page 6: Ideate January 2015

IDEATE JANUARY 2015

INTERVIEW

3

loosely connected. By late binding the pol-

icy to the encrypted objects to the four

aspects of IRM, true flexibility can be

achieved. This allows protecting email

attachments, files that are stored and

shared via cloud storage, files that are

downloaded from content repositories

and reports that are generated from en-

terprise and cloud applications.

What is Pawaa’s vision for future of IRM?

The platform that we have created has

given birth to many products and solu-

tions. SecurelyShare – our hosted ‘Data

security as a service’ is one such solution

built on top of our own technology

platform. This will separate identity man-

agement from key management. Secure-

lyShare allows us to authenticate with any

service provider’s authentication system –

say a cloud service provider or an email

service provider. Our hosted solution has

‘time limited’ passwords delivered via au-

thorized users email address as a means

to authenticate & authorize the users.

Besides this, large corporations have tradi-

tionally used IRM. We want to extend the

reach of IRM to Small and Medium Enter-

prises and Professional Consumers

(Prosumers, so to speak). By launching Se-

curelyShare, we hope to offer Data Securi-

ty as a service, which is an extremely easy

way to secure your data and share with

only authorized users. Another example

that demonstrates the ease of use of our

technology is our integration with cloud

storage providers. With pawaaBOX, we

have introduced one-touch encryption/

decryption. The content is automatically

encrypted before it touches the network

and the cloud – be it Dropbox, Google

Drive, Box or One drive. Only an author-

ized person can then access the content,

by authenticating against the identity

management of the cloud service

provider.

How large is the IRM market and can it

grow?

While it is difficult to estimate the Mi-

crosoft market, since it is bundled with

software, it is safe to say that the present

market is around $ 100 million for other

IRM vendors put together.

However, the potential for IRM is huge.

Just the password protection of PDF docu-

ments could be multi-billion dollar indus-

try. Not much innovation has happened in

this field here. Today’s solutions cannot

offer the level of ease the password pro-

tected pdf offers. With our approach of

no identity management, we can poten-

tially provide a much stronger security al-

ternative for password-protected pdf.

Besides, cloud computing offers tremen-

dous role for IRM when data moves from

one device to another, to the cloud and to

the collaborators.

Page 7: Ideate January 2015

It is hard to imagine what Edward Snow-

den was thinking during his flight to Hong

Kong from Hawaii. He was carrying four

laptops, which would allow him to access

highly classified documents of the super-

secret spy agency of the US Government,

the National Security Agency (NSA). As

Guardian Journalists, Ewen MacAskill and

Glenn Greenwald and documentary film

maker Laura Poitras debriefed Snowden,

they realised this was not a normal scoop.

The whistle-blower changed the world’s

perception of technical surveillance and

brought back the focus on the unresolved

questions – Is all this Spying justified? Is it

legal? Is individual privacy so easy to

breach?

Both the NSA & GCHQ (UK Technical Intel-

ligence Agency) along with other allied

intelligence agencies have developed a

Global Surveillance System. A clandestine

mass electronic data mining programme

called “PRISM” was created by NSA post

9/11 .Telecom giants like Verizon, Voda-

fone and others have been forced to part

away with data about their customers to

US Government by Federal Court Order

under FISA (Foreign intelligence Surveil-

lance) Act. Internet giants like Google, Ap-

ple, Facebook, Yahoo & Twitter have re-

ported increasing requests from US Gov-

ernment. Government surveillance

through tech companies is not a new phe-

nomenon.

GOVERNMENT SNOOPING: JUSTIFIED? —Ravi Singh, SBM NMIMS

ARTICLE

4 IDEATE JANUARY 2015

Page 8: Ideate January 2015

What has changed is the magnitude of da-

ta being stored and the way it is being ac-

quired.

Most of the internet giants and their serv-

ers are located on the US soil. Major Glob-

al undersea communications cables pass

through landing stations in US or their Eu-

ropean Allies. A large amount of global

electronic communication flows through

these servers and cables. The surveillance

program has been sweeping through in-

ternet - Meta data of millions of internet

users irrespective of their nationality. As

per leaked internal documents, the NSA

has used backdoors planted in software

and hardware to access private data with-

out warrants. Zero-day vulnerabilities are

very hard to detect and can be exploited

for a very long time before being fixed.

Further, GCHQ the UK counter part of NSA

has, as per leaked documents, manually

tapped into undersea cables of Reliance

Communications and other players, to ac-

cess data coming from Asia, Africa & Mid-

dle East.

Although surveillance of foreign govern-

ments, institutions & individuals is legally

allowed, warrantless surveillance of their

own people has shocked US citizens. Us-

ing a backdoor search loophole in existing

laws, NSA was allowed to use Google type

system to search information about US

citizens from centralized databases. This

was done by using section 702 of FISA

Amendments Act, which allowed surveil-

lance without individual warrants if both

targets were foreign. However, this was

not the case and many times data about

US citizens were illegally stored and ac-

cessed.

The mass surveillance programmes have

infuriated not only US/UK citizens but also

their allies. GCHQ had allegedly also

hacked into G20 meetings held in 2009 in

London. It was also alleged that NSA had

hacked into German Chancellor and Bra-

zilian President’s personal phones. All this

has critically damaged US/UK relations

with other countries.

People today are more wary of US tech

giants who cannot be trusted with their

personal data. There has been a global

backlash against technology products,

which are ‘Made in America’. Countries

today are encouraging regional online

traffic to be routed locally rather than go-

ing through USA, which could affect tech

giants in Silicon Valley.

Government snooping in not so demo-

cratic countries is an open secret with on-

ly unofficial information being available.

Without oversight and checks-and-

balances intelligence gathering is prone to

abuse by the powerful. The Chinese Gov-

ernment had used censors to prevent its

own citizen from accessing available infor-

mation to innocuously prevent ‘Rumours’

ARTICLE

IDEATE JANUARY 2015 5

Page 9: Ideate January 2015

from spreading and causing

‘Destabilization’. Many countries on the

other hand have never publicly declared

that they gather Technical Intelligence

through information interception, which

by their own laws is illegal.

Even intelligence services in democratic

countries have been caught using surveil-

lance systems to monitor internal dis-

sents, political developments and person-

al lives of citizens, as per the orders of

their political masters.

In spite of being at the receiving end of

the mass surveillance programs, Indian

Government has reacted in a restrained

manner. Part of this reaction could be re-

lated to surveillance programs currently

running in India and partly because after

facing multiple terrorist attacks, India re-

alizes the necessity of this electronic intel-

ligence gathering.

Since 2005, as Indian intelligence agencies

started catching up with the technical rev-

olution, they acquired capabilities to

intercept telephonic conversations,

smses, chats, e-mails and other internet

communications. In response to threat

from global terrorists, the government es-

tablished National Technical Research

Organization (NTRO), which is India’s NSA.

With increasing capabilities, the govern-

ment today has a vast pool of data at its

disposal with little legal guidelines for

analysing it without violating an individu-

al’s right to privacy. NTRO and host of oth-

er intelligence agencies have themselves

been monitoring Indian citizens through

Telecomm companies in every major city.

In case of Blackberry where the Intelli-

gence agencies were not able to crack the

encryption, the company was forced to

keep their servers in India and route their

traffic through them, allowing the govern-

ment to snoop into the encrypted mails.

ARTICLE

6 IDEATE JANUARY 2015

Page 10: Ideate January 2015

The most intrusive system under their ar-

senal is an off-the air CDMA/GSM moni-

toring device which can be used for

“fishing expeditions” under Project “FOX”.

It allows the user to grab any telephone

communication off the air in a 2km area.

The device hooks on to the phone and al-

lows tracking, bypassing the telephone

companies.

In response to 26/11 attacks, Dept. of Tel-

ecommunications announced in 2012 that

a Central Monitoring System (CMS) will be

setup for “lawful interception & monitor-

ing”. It is not clear, but highly likely that all

the intelligence agencies in India will be

able to access this system. Issues in de-

cryption and lack of VoIP tracking capabil-

ities have delayed the project.

Article 21 of the Indian Constitution says

that – “You cannot do anything that in-

vades the life and liberty of people”. The

Indian Telegraph Act (1885), the Indian

Telegraph Rules (1951) and the Infor-

mation Technology Act (2000) provide the

legal basis for interception. The law co-

vers threats to critical infrastructure, in-

ternet privacy, and gives a detection and

response framework. However, none of

the existing laws provides legal oversight

for Project Fox or an all-intrusive surveil-

lance program under CMS. Absence of da-

ta detection laws means that there is no

clarity on how the information is collect-

ed, stored, who accesses it and how long

will it be retained.

In a world filled with threats for a nation

from other nations, terrorist organiza-

tions, sometimes from within – spying will

continue. In the intelligence game, “The

successes are not known, but the failures

are”. It is without doubt that the threats

to the free world are increasingly using

the latest technology to instruct, com-

municate, disseminate propaganda and

planning increasing magnitude of attacks.

Technical intelligence capabilities of any

nation is the first line of defence to pre-

vent such attacks. There cannot be 100%

privacy for any individual today. In such a

scenario, existence and even necessity of

technical surveillance of electronic com-

munications should not come as a sur-

prise.

However, as the world is becoming more

and more connected, technology has

made it possible for government or even

individuals to access private information

of almost anyone who is on the internet.

Even in liberal democracies, governments

are urging citizens to place their faith in

all-encompassing surveillance programs.

The civil society has just realised this and

in India, despite the NSA leaks, there has

been no concrete discussion. To this day,

there is no international law to act as a

IDEATE JANUARY 2015 7

ARTICLE

Page 11: Ideate January 2015

guide for legal snooping by governments.

Every country has its own laws based on

their requirements, which are prone to

misuse.

There has been a lack of will among po-

litical class to bring surveillance programs

under political oversight. US Senate re-

cently rejected USA Freedom Act, a bill

introduced in 2013, after the Snowden

leaks to end the NSA’s ongoing daily col-

lection of practically all US phone data. In

India too, there is no law governing intel-

ligence agencies like RAW and NTRO.

Governments are not sure where to draw

a line between protecting their citizens

and violating their rights. The Snowden

leaks has made us realize that it is time

we decide where the line is and make

sure that government across the world

follow the rules. If we do not then soon,

privacy might just become a thing of the

past.

References

Guardian Newspaper : Edward Snow-

den Files

Takshashila Institution : Discussion on

India’s Central Monitoring system, By

Rohan Joshi

A Fox on a Fishing Expedition : By

Saikat Datta, Outlook Magazine, May

RAVI SINGH

Ravi Singh is a Second Year

(Marketing) student at SBM

NMIMS, Mumbai. His hobbies in-

clude swimming, reading and fol-

lowing technology news.

8 IDEATE JANUARY 2015

ARTICLE

Page 12: Ideate January 2015

IDEATE FEBRUARY 2015 5

With the advent of technology, the world

has advanced by leaps and bounds. Per-

sonal computers, laptops, tablets,

smartphones and the social media have

proved the term ‘The world is a small

place’ correct. However, there have been

incidents like ‘The Celebgate’, ‘The Fap-

pening’, the ‘Sony Pictures Entertainment

Hacking Scandal’ and the ‘Microsoft Xbox

Live and Sony PlayStation online attack’

incidents. These incidents have raised se-

rious concerns regarding the privacy of

data. Hacking groups like the Guardians of

Peace, Anonymous, The Blackhole cyber-

crime gang and The Lizard Squad have

brought the vulnerabilities of the digital

age to the forefront. As modern technol-

ogy becomes more and more intertwined

with our lives, it has the tendency to influ-

ence us in undesirable ways. We live in a

surveillance society. Greatest privacy inva-

sion is our cell phones, which disclose our

personal details to the rest of the world,

without our knowledge.

Current Scenario

Every day we are submitting some infor-

mation or other in the digital space. But is

our privacy being breached? Digital ex-

perts across the planet have been increas-

ingly vocal in favour of some legislations

or regulations, which ensure the security

and confidentiality of the collected data.

PRIVACY: THE PRICE WE PAY FOR TECHNOLOGY —Debroop Banerjee, SBM NMIMS

ARTICLE

IDEATE JANUARY 2015 9

Page 13: Ideate January 2015

IDEATE FEBRUARY 2015 6

However, it is extremely difficult to bring

homogeneity across various legislations

and countries. Data theft incidents as well

as government snooping is on the rise.

Some of the major concerns regarding da-

ta privacy are-

Cookie Profiling- It is the process by

which marketers purchase the rights from

a website to track a user’s activities

online. Whenever a user visits a website,

a cookie is stored in the user’s device

through which the user’s device can be

uniquely identified. The cookies track all

the websites the user visits, which helps

the marketers identify the user’s age,

marital status, political and religious incli-

nations. Accordingly, advertisements are

displayed to the user. Though this is done

anonymously, the entire process is un-

known to the user.

Social networking sites like Facebook,

Google+ and Flickr are some of the big-

gest facilitators of this kind of security

breach. Facebook stores two types of

cookies in the user’s device, which lets

them, track the user’s activities both

online, as well as offline. Other than this,

the ‘Like’ and ‘Share’ buttons help Face-

book keep a track of the user’s activities

and passing them on to relevant advertis-

ers. Facebook has already been involved

in numerous controversies because of

storing and sharing user’s information

without their consent. In 2012, the Euro-

pean Union came up with ‘Data Protec-

tion Regulation’ in response to such grow-

ing concerns about cookie profiling and

internet privacy.

Location Tracking- The cellular network

service providers record the location of

users but those are shared only with the

Police or Governmental Agencies as and

when mandated by court orders. Howev-

er, with the advent of smartphones and

apps, the location of a user is easily avail-

able to third parties without the assent of

the user. For example, Apple’s I-Phone has

been widely criticized for its feature to

store user’s location in a secret file. The

record includes the latitude and longitude

of the user along with the timestamp.

This allows the user’s location to be moni-

tored on a continuous basis. Similarly,

Google’s “Latitude” feature was criticized

due to similar privacy concerns. Google in

its defence claims that it is a feature,

which the user himself/herself assigns.

Apple proved its legitimacy by displaying

the 15,200-word T&C document, which

users need to accept before using Apple

products. Apps like Angry Birds too store

the user’s location. These things are a se-

rious threat to one’s privacy. The only

blessing in disguise has been the arrest of

dreaded criminals like Rodney Knight and

ARTICLE

IDEATE JANUARY 2015 10

Page 14: Ideate January 2015

Maxi Sopo, who could be traced because

of such location tracking services.

Cloud Computing- Cost efficiency and

flexibility are the two main advantages

that cloud computing offers. However, it

also has disadvantages like network

latency and security concerns. Ever since

the Edward Snowden incident, there have

been growing concerns regarding security

over cloud networks. There have been

allegations of The US government spying

on the cloud networks of both

government and private organizations of

other countries. The leakage of 5 million

Gmail passwords as well as incidents like

The Celebgate and The Fappening, have

raised several questions over the security

and privacy of cloud storage. Dropbox, a

pioneer in cloud storage has been

involved in several controversies, ever

since its inception. Bring Your Own Device

(BYOD) policies encouraged by many

companies these days, pose great

challenges to security and confidentiality.

In addition, the challenges of imposing

cyber laws on cloud computing are sever-

al.

Employee Monitoring- This is another

case of privacy intrusion. Monitoring

emails, duration of breaks, etc. are prac-

tices adopted by companies to increase

employee productivity. However, they

lead only to increased levels of work

stress and demoralize the employees.

Companies like Dow Chemicals Company,

The New York Times, IBM and AT&T have

fired employees whom they have found

to be less productive using their respec-

tive monitoring techniques. Such inci-

dents have drawn sharp criticism from in-

stitutions like The American Civil Liberties

Union and National Work Rights Institute.

Monitoring software like Assentor and key

loggers are being used by more and more

organizations. The usage of CCTV’s and

monitoring telephone call records are also

on the rise.

Facial Recognition Data- around 300 mil-

lion photos are shared on Facebook every

day. These innocent posting and tagging

of pictures paves way for the creation of

“faceprint” databases. When someone

tags his/her friend, Facebook uses those

tags to create a detailed “Faceprint” of

how people look from different angles.

This data is mostly used for security pur-

poses by the country’s security agency. It

ARTICLE

IDEATE JANUARY 2015 11

Page 15: Ideate January 2015

IDEATE FEBRUARY 2015 6

It is used to keep a check on criminals,

citizenship applications and give security

agencies a wider range of images other

than documents like the driving license,

social security number, etc. This data, if

made available to third parties could pose

serious security concerns. Like someone

once said- “When you are online, you are

no longer private”. Not only Facebook,

companies like Apple and Google have

developed apps based on Facial Recogni-

tion Data. The data collected through face

scan can be passed onto surveillance

drones, and other surveillance technolo-

gies, which will help in identifying people

within a crowd. Thus the larger the scope

it creates for technology to invest upon,

the more it adds to the vulnerability of

the user’s privacy.

Government Snooping- The government

of a country is faced with the tough

choice between guaranteeing the security

of its citizens and ensuring their privacy.

The United States of America is the pio-

neer in this field. Project Shamrock and

Project Minaret were some of their earli-

est spying ventures. Currently, The Na-

tional Security Agency (NSA), along with

the FBI and CIA are responsible for the

country’s security. However, there have

been several allegations against them.

The WikiLeaks incident brought the entire

incident to the forefront. Whistle-blowers

like Edward Snowden and Julian Assange

were victimized, but their revelations

have been proved to be true. The NSA has

also been alleged to have spied upon The

Pakistan People’s Party, The Bharatiya Ja-

nata Party (India) and Egypt’s Muslim

Brotherhood.

Addressing the issues- Companies like

NetSuite, Cisco and Akamai Technologies

are looking at ways to allay the fears of

digital espionage of their customers. In

order to protect their profit margins, they

are constructing data centres outside US.

Recently, Apple pushed out its first-ever

automated security updates to fix security

vulnerabilities in the network time proto-

col (NTP) of it OS X operating systems.

Blockchain, the bitcoin wallet provider

has beefed up its online security ever

since the “private keys” incident occurred.

SpiderOak, another US-based cloud ser-

vice provider restricts access to user

ARTICLE

IDEATE JANUARY 2015 12

Page 16: Ideate January 2015

data by using client-side encryption key

creation and encrypted cloud storage.

However, the USA has about 20 sector

specific or medium specific national pri-

vacy or data security laws and hundreds

of such laws among its 50 states.

(California alone has more than 25 state

privacy and data security laws), these

laws are yet to be executed well and are

full of loopholes. The US is also trying to

mitigate growing security concerns by

promoting secure mesh networks to foil

digital spying. In India, The Information

Technology Act, 2000 and The Privacy

Rules, 2011 aim to tackle such security

risks.

Conclusion- There have been numerous

debates on the issue of privacy since

long. With Facebook and Google facing

resistance in China, things have taken a

political turn. The Dutch Data Protection

Agency is planning to impose a fine to

the tune of $18.6 million on Google on

charges of violating the privacy of Dutch

citizens. The Sony Pictures Entertain-

ment leak has led to increased tensions

between The US and North Korea.

There is a continuous debate on how

much to share and what to share.

Though marketers feel that using user

data helps them serve the users better,

pro-privacy supporters believe that the

users’ consent is mandatory. Involving

the citizens in decision-making, enforc-

ing stricter and ethical laws and mutual

trust and co-operation between nations

are the only way forward in this digital

age.

References

https://theoldspeakjournal.wordpress.com/tag/illegal-surveillance/

http://www.edrm.net/resources/data-privacy-protection/data-protection-laws/

DEBROOP BANERJEE Debroop Banerjee is a First Year

student at SBM NMIMS, Mumbai.

Prior to joining NMIMS, he was

working with Tata Consultancy Ser-

vices Limited. Travelling, reading

and exploring new places are a few

of his hobbies.

ARTICLE

IDEATE JANUARY 2015 13

Page 17: Ideate January 2015

Communication surveillance technologies

are being adopted in increasing numbers

by governments, corporations and indi-

viduals. Such spyware helps to eavesdrop

on VOIP conversations, read personal

mails and provides unauthorized access

to users’ documents. Some of this soft-

ware are widely available on the Internet,

while some more sophisticated alterna-

tives are made and sold by private com-

panies based in industrialized countries to

state law enforcement and intelligence

agencies in countries across the world.

Repressive governments and organiza-

tions are using them for serious human

rights violations and abuses, as there are

hardly any laws to regulate the usage of

such technologies.

Detekt is the invention of an Italian secu-

rity researcher, Amnesty International,

the Electronic Frontier Foundation and

similar groups in England and Germany. It

works like an antivirus. It tells the user if

his/her machine has been infected with

malware that many government-

sponsored hackers are known to use to

spy on activists and journalists. The Ethio-

pian government for example, has been

cracking down on bloggers by hiring pro-

fessional hackers. Ethiopia has jailed sev-

eral such critics and journalists. Their sur-

veillance is widespread: people with Ethi-

opian ties around the globe, have discov-

ered this kind of spyware on their home

computers. With the help of FinFisher

spyware, Ala'a Shehabi, a British econo-

mist in Bahrain, was arrested during the

country's lethal military crackdown on

pro-democracy protests during the Arab

Spring in 2012. The Chinese government

too is accused of spying on its citizens'

online activities.

Detekt spots different types of malware,

used by governments worldwide. Since

Detekt is an open-source tool, anybody

can contribute and build upon it further.

It can also be used free of cost by anyone.

DETEKT

TECHBYTES

IDEATE JANUARY 2015 14

Page 18: Ideate January 2015

RICO

Rico is a new smart-home security de-

vice, which uses old spare smartphone

for providing home security features us-

ing the phone's capabilities. The device

works in conjunction with the Rico app

which needs to be downloaded on the

phone. Currently the Rico device housing

the phone, supports phones with screen

sizes 4.5" or smaller and running an op-

erating systems such as Android 2.2/iOS

6 or higher.

The Rico unit is connected to a wall sock-

et and the cables inside the house en-

sure that the device is always charged

up. This hybrid device uses the camera

and the processing capabilities of the

smartphone to stream live video of one’s

office or home via the app for remote

viewing. This service is supported on

cloud servers hosted on Amazon web

services. The device has inbuilt sensors

to monitor temperature, air quality,

noise levels and motion. Information and

alerts are also sent to users via the cloud

service for warning about irregular

changes in motion or other variables in

the home environment.

The Rico device is supported by Rico

Smartsockets. On plugging the home ap-

pliances into these sockets, one can con-

trol their functioning like turning on/off

electrical appliances. Thus, Rico provides

a convenient and innovative way to stay

connected with one’s home on the go

and helps track its security.

TECHBYTES

IDEATE JANUARY 2015 15

Page 19: Ideate January 2015

In today’s world Data Leak Protection

(DLP) is a vital Technology which is in high

demand. There are several sophisticated

DLP technologies available in the market .

However , organizations are now looking

beyond simple DLP mandates.

Pawaa Technologies, based in Bengaluru

is one such company. Identified by

the .paw extension , it has come up with

its own secure File system . Encryption is

easy, since Pawaa’s file encryption tech-

nology is delivered in SaaS model.

Pawaa’s file encryption seems to be app-

based solutions of corporations , requir-

ing minimal configurations during start

off.

Gmail users can use Pawaa with great

ease. It uses one’s Gmail user-id and

password to authenticate the credential

and grant access. The person sharing the

document can control permissions for the

document . Beyond a pre-configured

expiry date, the document can no longer

be opened. Pawaa integrated its software

with Gmail to display the ease of use.

Founded by Mr.Prakash Baskaran, Pawaa

started as a DLP company in 2006. How-

ever they quickly realized that DLP dint

have wide applications and the focus

turned on carrying security and encryp-

tion to the document/file levels. Currently

Pawaa boasts of over 100 plus enterprise

clients. They have also won several acco-

lades like The RSA Top 10 Most Innovative

Companies (2011) , DSCI Excellence

Award(2012) and Deloitte Technology

Fast 50 India Awards (2012,2013). It also

was selected for the Cisco Entrepreneurs

in Residence Program(2014). Going by its

track record, Pawaa is expected to take

the Data Security market to greater

heights!!

PAWAA

STARTUPS

IDEATE JANUARY 2015 16

Page 20: Ideate January 2015

BITGLASS

As cloud computing is gaining popularity,

many businesses are using multiple cloud

services to handle a myriad of business

operations. But as evident from recent

examples of i-Cloud and Dropbox, even

the cloud data are not safe today. To

tackle this issue, there has been a growth

in Online Security companies offering a

variety of data security and protection

services.

Bitglass is a Silicon Valley start-up found-

ed in 2013 with an aim to provide cloud

security and data protection. It is a Cloud

Access Security Broker that delivers inno-

vative technologies to deliver total data

protection for enterprises in cloud, on

mobile devices and on The Internet.

Bitglass proxies all enterprise traffic into

and out of protected cloud applications.

A series of proxies (Forward, Reverse, Ac

tivesync, IMAP, SMTP, etc) have been

purpose-built to accomplish total protec-

tion. Reverse proxy mode is leveraged for

most applications. A key benefit of the

reverse proxy is that it protects traffic

from any device, anywhere, without

browser configuration, device profiles or

VPN. And traffic to personal cloud apps is

never handled or inspected.

In cloud security, Bitglass provides alerts

and visibilities into suspicious

behaviours, data and activity tracking,

file encryption before download/upload

and password protection to cloud appli-

cations. With companies offering Bring

Your Own Device (BYOD) policies, there is

an ever a risk of confidential data going

out of office. Bitglass helps corporate se-

cure data on any mobile device.

STARTUPS

IDEATE JANUARY 2015 17

Page 21: Ideate January 2015

Bitglass was founded by Mr. Nat Kaushik

(Founder and CEO) and other industry

veterans. Founded just last year with four

employees, Bitglass now has a staff of 40.

It raised $25 million in a Series B round of

funding in August, bringing its total fund-

ing to $35 million. It is currently head-

quartered in Campbell, California.

Bitglass’s current focus is to allot capital

for product development. Its growth has

been steady and businesses are taking

notice of what they have to offer. In No-

vember 2014, Bitglass was chosen by Al-

waysOn as one of the 2014 OnMobile 50

Companies to watch out for. They are a

start-up capable of changing the way

cloud technology functions.

Using proprietary threat intelligence and

big data technologies, Bitglass Data

Breach Discovery analyzes the firewall

logs to identify suspect traffic in out-

bound data flows. Traffic leaving the net-

work for suspect destinations is automati-

cally subject to deep inspection and as-

signed risk scores.

Bitglass Data Breach Discovery is available

as a monthly subscription service. No

software needs to be installed. Simply by

signing up for Bitglass and by uploading

the firewall log files, analytics and reports

on data breach risks in the organization

can be generated.

BITGLASS

STARTUPS

IDEATE JANUARY 2015 18

Page 22: Ideate January 2015

THE TECHNOLOGY CELL

School of Business Management, NMIMS

V. L. Mehta Road, Vile Parle (West), Mumbai – 400056

CREATIVES TEAM

Meghna Gupta

Jinal Mehta

Maitri Shah

Prabakaran Nagarajan

EDITORIAL TEAM

Vibhu Vatsala Sood

Debroop Banerjee

Ankit Anurag

Mohit Patil

Aradhya Tripathi

NEWSLETTER JANUARY 2015

Contact Us:

Email: [email protected]

www.facebook.com/SummIT.nmims

https://twitter.com/SummIT_Nmims