Legal Aspects in Infosec
|
|
- Lionel Marsh
- 8 years ago
- Views:
Transcription
1 Grenoble INP Ensimag _ (in)security we trust _!!! SecurIMAG Legal Aspects in Infosec! Description: Laws are important for protecting IT users. Being aware of some legal aspects is useful for protecting yourself and your custom. Alexandra RUIZ aruiz@lexsi.com
2 LEXSI Lexsi Group is an international consulting group specialized in protecting information assets, strongly driven towards innovation. Our 130 talented and dedicated experts, analysts and consultants have built the first independent, pioneer, risk management and information security provider. Lexsi is located in France (Paris and Lyon), Canada and Singapour 2 SecurIMAG Legal Aspects in Infosec A. RUIZ
3 LEXSI AUDIT VEILLE & CYBERCRIME 1er CERT privé européen Veille en vulnérabilités Enquêtes et réponses à incidents Lu<e contre la cybercriminalité 5 missions par semaine 4 mé7ers CONSEIL 60 consultants Risk Management Résilience & conenuité d acevité Assistance à maitrise d ouvrage Accompagnement SSI, ISO 2700x... Gouvernance et stratégie SoluEons et architectures de sécurité Audit stratégique Audit de conformité Audit technique & pentest Audit de code FORMATION Plus de 800 RSSI formés Partenaire SANS InsEtute (GIAC) Parcours RSSI Nombreux modules experts 3 SecurIMAG Legal Aspects in Infosec A. RUIZ
4 @MargaretZelle Halt, who are you?! Licence in Law Master 2 in business intelligence Currently: Work: Legal assistant at LEXSI, Lyon Student: o Master 2 in digital technology law Hobbies: 4 SecurIMAG - title - author - date o University degree in cybercriminality Books Photos Shopping
5 Why do you need law? 5 SecurIMAG - title - author - date
6 Introduction Focus on principal concerns Aspects of IT french law 6 SecurIMAG Legal Aspects in Infosec A. RUIZ
7 Table of contents Introduction in an information system : Godefrain, Pentesting New french transposition : Telecom Package Cloud Computing HADOPI LOPPSI II CNIL Employer s power of control 7 SecurIMAG Legal Aspects in Infosec A. RUIZ
8 Introduction in an information system Some articles : Fraudulent access or preservation in an IS is punished by 2 years jail and fine (art penal code) When it results the deletion or the modification of data, or a functioning system change : 3 years jail and fine (art penal code) Obstacle or wrongly : 5 years jail and fine (art penal code) Introducing deceitfully data or deleting them or modifying : 5 years jail and fine (art penal code) 8 SecurIMAG Legal Aspects in Infosec A. RUIZ
9 Introduction in an information system Some articles (same sanctions of the principal offense): The fact, without justifiable motive, of importing, detaining, offering, giving up or to give an equipment, an instrument, an IT program or any data conceived or specially adapted to commit one or some offenses (art penal code) Participation to a group or to an agreement established with the aim of the preparation, characterized by one or several material facts, of one or some offenses (art penal code) Offence attempt (art penal code) Ref : Loi Godfrain du 05/01/1988 n sur la protection des SI contre la fraude informatique et l intrusion 9 SecurIMAG Legal Aspects in Infosec A. RUIZ
10 Introduction in an information system Exemples : Serge HUMPICH demonstrated that crédit cards have some vulnerabilities : 10 months suspended and 1F for damages (Fraudulent access and data introduction in an IS) V u l n e r a b i l i t i e s : A m a n publishes exploits of unpatched vulnerabilities (0-days) on his website. He was condamned because he has competencies to know that it could be used for damages (2009) 10 SecurIMAG Legal Aspects in Infosec A. RUIZ
11 Introduction in an information system Exemples : Radiocom 2000 : To win a game, a men used his employer s lines. He has distorted SI operation with radiophones to prevent securité procedure outbreak : for him and his associates 4 and 18 months suspended and à F and F (acces and fraudulent preservation in an IS and data modifications after functioning system change 11 SecurIMAG Legal Aspects in Infosec A. RUIZ
12 Introduction in an information system Pentesting : You can t introduce yourself in an IS without autorisation But you can test your IS. Compagnies specialize in pentesting How is it possible? This compagnies have a contract with client. This contract is really important to protect themself. 12 SecurIMAG Legal Aspects in Infosec A. RUIZ
13 Introduction in an information system Pentesting : Contract has to state some important points : Autorisation Perimeter No responsabilities delegation (possibility of a responsabilities limitation) SO : If you want to test vulnerability of korben s website, it s forbidden. If you want to test your own website, you can. If someone ask you to test his website, always make a contract 13 SecurIMAG Legal Aspects in Infosec A. RUIZ
14 Telecom Package What is it? European Law of 2002 modified in 2009 French transposition of August 24th 2011 Two main aspects : Cookies must be accepted expressly by user who visited a website ( if you ve a website!) Internet service provider must informed CNIL in case of data breach Ref : Ordonnance n du 24 août 2011 relative aux communications électroniques 14 SecurIMAG Legal Aspects in Infosec A. RUIZ
15 Cloud Legal aspects of Cloud : Contract : Who is responsible for personal data? Data breach Use of public or private Cloud? Audit If you are a big client, you can negociate with Google for your Cloud If you re not, you can only sign 15 SecurIMAG Legal Aspects in Infosec A. RUIZ
16 HADOPI Who? Owner of an Internet acces (people, firms) What? Obligation of protection Why? In order to protect authors Measures? Protect your wifi with a password (and a security software labelised by HADOPI => Not really usefull in fact only business) 16 SecurIMAG Legal Aspects in Infosec A. RUIZ
17 HADOPI Sanctions? Gradual answer : , letter (6 month after), and, possibly, suspension of the subscription (by the juge since 2009) What to do? If you re not responsible, you could send observations to the authors protection s commission only if you have a sanction (step 3) Evolution? Government wanted to sanction streaming 17 SecurIMAG Legal Aspects in Infosec A. RUIZ
18 HADOPI Concretely : Martin Hack, a french teenager, download Braquo (french serie) with his parents connexion TMG raise Mr and Mrs Hack IP Legal successors give this IP to HADOPI HADOPI send an mail to Mr and Mrs Hack on the adress they gave to their ISP (will they read it one day?) If Martin was punish very hardly and promise to never download again (during 6 month) All is good 18 SecurIMAG Legal Aspects in Infosec A. RUIZ
19 HADOPI If Martin is a rebel and download again and TMG raise IP HADOPI will send a letter to Mr and Mrs Hack parents. After 1 year, if nothing happened, nothing will happened. If (stupid) Martin download again, HADOPI decided if it will ask or not juge If Hack s familly is really unlucky, juge could condamn them to pay 1500 and, if juge is really angry, suspend their connection during one month. Conclusion : Lot of mails but no sanction yet Ref : Loi «Création et Internet» dite HADOPI, du 13/05/2009, promulguée le 12/06/2009 et Loi relative à la Protection Pénale de la Propriété Littéraire et Artistique sur Internet dite HADOPI 2, du 22 /10/ SecurIMAG Legal Aspects in Infosec A. RUIZ
20 LOPPSI II Main points : Identity theft : 1 year and Be careful if you want to make some joke! Selling tickets in order to make profit : CCTV : more power for CNIL More CCTV are authorize and government could imposed it CNIL will control CCTV but couldn t give sanctions 20 SecurIMAG Legal Aspects in Infosec A. RUIZ
21 LOPPSI II Main points : Website blocking A black list of website will be made and a juge decision could obliged ISP to block this sites Introduction of spywar by the police for catching some data without consent of the owner Police is authorized by the juge in charge of instructions to introduce a spyware in suspects computer They exploit vulnerabilities present in those computers 21 SecurIMAG Legal Aspects in Infosec A. RUIZ
22 CNIL Personal data protector since 2004 Protection and control of all data treatment : Exemption of declaration for somme treatment Simplify declaration for current treatment Ordinary declaration for others Authorization ask for treatment with risk Could control all treatment Actualy, legislator give more and more power of control and sanctions Loi «Informatique et Libertés» du 06/01/1978 relative à l informatique, aux fichiers et aux libertés (modifiée par la loi du 06/08/2004) 22 SecurIMAG Legal Aspects in Infosec A. RUIZ
23 Employer s power of control Charter limit and inform about measures implement by the employer : Annex to the contract with employee signature Annex to the interior reglement with opinion of staff representative and validation of factory inspectorate Employee must be informed of every measures limiting his private life 23 SecurIMAG Legal Aspects in Infosec A. RUIZ
24 Employer s power of control Phone call control : Only duration and cost Could use phone bugging if employee are informed and if it s necessary for the firm SMS could be a proof Messaging control : All mails in professional messaging are professional except if they are identified as «personnal» Number of mail, origin and addressee Could filter some mails 24 SecurIMAG Legal Aspects in Infosec A. RUIZ
25 Employer s power of control Internet control : Limitation of some website (social network, porn ) Using for personal use is tolerated but you could be sanctioned for an excessive use Captation of trafics logs ( problem of confidentiality with some websites) This informations must be kept during one year. 25 SecurIMAG Legal Aspects in Infosec A. RUIZ
26 Thank you for your attention! 26 SecurIMAG Legal Aspects in Infosec A. RUIZ
Terms of Service. These Terms of Service form a legally binding contract between the Users and the Society.
Terms of Service Article 1: Introduction These Terms of Service (the Terms) govern the relationship between the society Many Players (the Society) whose registered office is at 88 Ter, avenue du Général
More informationINFORMATION TECHNOLOGY CHARTER
INFORMATION TECHNOLOGY CHARTER INFORMATION TECHNOLOGY CHARTER Reference : extract- internal rules and regulations Name Position Date and signature Author Revised by Validation: Bruno Frédéric Head of IT
More informationGENERAL TERMS OF USE
GENERAL TERMS OF USE 1. Purpose and Scope 1.1. The Website at www.lvmhprize.com is the internet site set up by LVMH Moët Hennessy Louis Vuitton ("LVMH") for the LVMH Prize for Young Fashion Designers and
More informationPolicy on the Security of Informational Assets
Policy on the Security of Informational Assets Policy on the Security of Informational Assets 1 1. Context Canam Group Inc. recognizes that it depends on a certain number of strategic information resources
More informationDIRECTIVE ON ACCOUNTABILITY IN CONTRACT MANAGEMENT FOR PUBLIC BODIES. An Act respecting contracting by public bodies (chapter C-65.1, a.
DIRECTIVE ON ACCOUNTABILITY IN CONTRACT MANAGEMENT FOR PUBLIC BODIES An Act respecting contracting by public bodies (chapter C-65.1, a. 26) SUBJECT 1. The purpose of this directive is to establish the
More informationTerms and Conditions of Use and Sale as at 1 st January 2009
Terms and Conditions of Use and Sale as at 1 st January 2009 The present standard terms and conditions of use and sale, also called the Contract, are concluded between the following parties: - with capital
More informationThis session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit.
The hidden risks of mobile applications This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit. To learn more about TraceSecurity visit www.tracesecurity.com
More informationStudents are expected to have regard to this policy at all times to protect the ipads from unauthorised access and damage.
Penrice Academy Acceptable Use Policy for Mobile Digital Devices including ipads September 2014 Date of Review: May 2015 Introduction Penrice Academy ( The Academy ) may grant a licence to use ipads or
More informationGERFLOR Job Reference Award 2015
GERFLOR Job Reference Award 2015 Article 1. Organisation GERFLOR S.A.S., a Simplified Joint Stock company organised and existing under the laws of France, having a registered capital for 1,932,385 Euros,
More informationPrime Minister. The French Networks and Information Security Agency Agence nationale de la sécurité des systèmes d information
Prime Minister The French Networks and Information Security Agency Agence nationale de la sécurité des systèmes d information Security incident detection service providers Prestataires de détection des
More informationTerms of use of information and communication technologies at the University of Burgundy
Terms of use of information and communication technologies at the University of Burgundy Adopted by the Board of the University of Burgundy on June 28, 2007. This Charter constitutes the internal regulations
More informationTerms and conditions of use
Terms and conditions of use 1. Introduction 1.1 These terms and conditions govern your use of our website. 1.2 By using our website, you accept these terms and conditions in full; accordingly, if you disagree
More informationONE TO ONE LAPTOP PROGRAMME POLICY
ONE TO ONE LAPTOP PROGRAMME POLICY CONTENTS 1 Vision and Rationale... 2 2 Ownership Model... 2 3 End of Lifecycle Process... 2 4 Early Return Policy... 2 5 Appearance / Personalisation... 2 6 Device Specifications...
More information1. General questions. 2. Personal data protection rights of employees PERSONAL DATA PROTECTION FAQ
PERSONAL DATA PROTECTION FAQ These Frequently Asked Questions are broken down into three parts: Part 1 contains answers to general questions on personal data protection. Part 2 is about employees personal
More informationCharter Defining the Use of IT Facilities at Member Institutions of Université de Grenoble PRES
Charter Defining the Use of IT Facilities at Member Institutions of Université de Grenoble PRES Université Joseph Fourier Université Pierre Mendes-France Université Stendhal Institut Polytechnique de Grenoble
More informationRFC 2350 CSIRT-TEHTRIS [CERT-TEHTRIS]
RFC 2350 CSIRT-TEHTRIS [CERT-TEHTRIS] 1 Document information... 2 1.1 Date of Last Update... 2 1.2 Distribution List for Notifications... 2 1.3 Locations where this Document May Be Found... 2 1.4 Authenticating
More informationPolitique de sécurité de l information Information Security Policy
Politique de sécurité de l information Information Security Policy Adoptée par le Conseil d administration Le 10 novembre 2011 Adopted by the Board of Directors on November 10, 2011 Table of contents FOREWORD
More informationDATA AND PAYMENT SECURITY PART 1
STAR has teamed up with Prevention of Fraud in Travel (PROFiT) and the Fraud Intelligence Network (FIN) to offer our members the best advice about fraud prevention. We recognise the increasing threat of
More informationOverseas Game Policies and Regulations - OFM GmbH Online
General Terms and Conditions GTC OnlineFootballManager ( OFM ) is an offer by OnlineFussballManager GmbH, Eupener Str. 60, D-50933 Cologne (referred to as OFM GmbH below), consisting of a browser-based
More informationATP Co C pyr y ight 2013 B l B ue C o C at S y S s y tems I nc. All R i R ghts R e R serve v d. 1
ATP 1 LES QUESTIONS QUI DEMANDENT RÉPONSE Qui s est introduit dans notre réseau? Comment s y est-on pris? Quelles données ont été compromises? Est-ce terminé? Cela peut-il se reproduire? 2 ADVANCED THREAT
More informationCloud computing and personal data protection. Gwendal LE GRAND Director of technology and innovation CNIL
Cloud computing and personal data protection Gwendal LE GRAND Director of technology and innovation CNIL 1 Data protection in Europe Directive 95/46/EC Loi 78-17 du 6 janvier 1978 amended in 2004 (France)
More informationTerms and Conditions of Use
Terms and Conditions of Use Contents CONTENTS... 1 PREAMBLE... 2 ARTICLE 1: DEFINITIONS... 2 ARTICLE 2: PURPOSE... 2 ARTICLE 3: ONLINE SALE... 2 ARTICLE 3.1: PROCESSING OF THE ORDER... 2 ARTICLE 3.2: PAYMENT...
More informationSome Network Threats: VoIP SIP Based
Grenoble INP Ensimag 2011-05-19 Some Network Threats: VoIP SIP Based Description: VoIP SIP based is becoming widely used by corporations. It envolves money and it is insecure, so let's enjoy some attacks
More informationExecutive Order No. 67 of 25. January 2012 on online casinos 1
Executive Order No. 67 of 25. January 2012 on online casinos 1 The following is hereby laid down pursuant to Sections 36(2), 41(1) and 60 of Act No. 848 of 1 July 2010 on gambling, and Sections 17(2),
More informationWHAT YOU NEED TO KNOW ABOUT CYBER SECURITY
SMALL BUSINESSES WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY ONE CLICK CAN CHANGE EVERYTHING SMALL BUSINESSES My reputation was ruined by malicious emails ONE CLICK CAN CHANGE EVERYTHING Cybercrime comes
More informationSimon Langton Grammar School for Boys E-Safety Policy
Background to the Policy Simon Langton Grammar School for Boys E-Safety Policy The E Safety Policy and its implementation will be reviewed annually. Our E Safety Policy has been written by the school,
More informationPrivacy and Security Incident Management Protocol
Our Vision Better data. Better decisions. Healthier Canadians. Our Mandate To lead the development and maintenance of comprehensive and integrated health information that enables sound policy and effective
More informationGeneral conditions and terms of use. of the website «inchallah.com»
General conditions and terms of use of the website «inchallah.com» The company CAJIS France, limited liability company with a capital of 20.000, registered in Nanterre under the number B 530 423 763, whose
More informationLowanna College 2015 BYOD PROGRAM AGREEMENT. BYOD Program 2015. BYOD Student Agreement/Acceptable Use Policy/Online Services Policy
BYOD Program 2015 BYOD Student Agreement/Acceptable Use Policy/Online Services Policy The student and parent/guardian must carefully read the above contract before signing it. Any questions should be addressed
More informationWelcome to our job search and application platform (the Platform ). Please read our Legal Terms (which includes our Privacy Policy) carefully.
LEGAL TERMS AND PRIVACY POLICY Welcome to our job search and application platform (the Platform ). Please read our Legal Terms (which includes our Privacy Policy) carefully. The Platform is accessible
More informationBOBCAT COMPUTING POLICY
BOBCAT COMPUTING POLICY The overarching policy governing computing and networking at Jones is the Policy on Acceptable Use of Electronic Resources. The policy is reprinted in its entirety below. Faculty,
More informationFINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information
FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1
More informationPermit. for nurses from other Canadian provinces. Guide to obtaining a. from the Ordre des infirmières et infirmiers du Québec
Permit from the Ordre des infirmières et infirmiers du Québec Guide to obtaining a for nurses from other Canadian provinces Updated September 2014 Text Line Lacroix Director Registrar s Office Collaboration
More informationTERMS AND CONDITIONS OF SALE ONLINE SALES ACTIVITY OF EPIC COURCHEVEL TOURISME
TERMS AND CONDITIONS OF SALE ONLINE SALES ACTIVITY OF EPIC COURCHEVEL TOURISME 1 C O N T E N T S Preliminary Article Definitions... 3. Article 1 - Application and Enforceability of the Terms and Conditions
More informationThe French Legal System
The French Legal System Second edition Andrew West LLB (Southampton), Diplome d'etudes Superieures d'universite (Droit compare) (Aix-Marseille III), PGCE (FE) (Wales), Solicitor; Lecturer, University of
More informationVijay Pal Dalmia, Advocate Delhi High Court & Supreme Court of India
Intellectual Property & Information Technology Laws Division Flat No 903, Indra Prakash Building, 21, Barakhamba Road, New Delhi 110001 (India) Phone: +91 11 42492532 (Direct) Phone: +91 11 42492525 Ext
More informationSecurity Breaches. There are unscrupulous individuals, like identity thieves, who want your information to commit fraud.
IDENTITY THEFT Security Breaches Our economy generates an enormous amount of data. Most users of that information are from honest businesses - getting and giving legitimate information. Despite the benefits
More informationIDENTITY THEFT and YOU
IDENTITY THEFT and YOU IDENTITY THEFT The Criminal Code was amended in 2010 to make identity fraud and identity theft criminal offences. With today s proliferation of technology, stealing innocent people
More information1. What information do we collect?
CHURNSPOTTER.IO PRIVACY POLICY Last updated: February 03, 2015 Welcome to the http://churnspotter.io Web site (the Site ) owned by PREDICSIS S.A.S, a corporation organized and existing under the laws of
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 17 IT Security Controls, Plans and Procedures First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Implementing IT Security
More informationAGENDA HIP Ho AA w i rivacy d The B reach Happen? I P nc AA Secu dent R rit esp y o nse Corrective Action Plan What We Learned ACRONYMS USED
Michael Almvig Skagit County Information Services Director 1 AGENDA 1 2 HIPAA How Did Privacy The Breach Happen? HIPAA Incident Security Response 3 Corrective Action Plan 4 What We Learned Questions? ACRONYMS
More informationTerms of Use of MiMafia.com
Terms of Use of MiMafia.com The website www.mimafia.com (hereinafter referred to as Website ) allows you to manage a text-based online multi-player mafia game (the Game ), and to also play Games managed
More informationHow To Use A Corporate Credit Card
Corporate Credit Card Policy June 2012 1. PURPOSE The purpose of this policy is to provide authority for the use of corporate credit cards. 2. SCOPE This Policy applies to all Council Officials as defined
More informationSection 3.9 PCI DSS Information Security Policy Issued: June 2016 Replaces: January 2015
Section 3.9 PCI DSS Information Security Policy Issued: June 2016 Replaces: January 2015 I. PURPOSE The purpose of this policy is to establish guidelines for processing charges on Payment Cards to protect
More informationPentests: Exposing real world attacks
HERVÉ SCHAUER CONSULTANTS Cabinet de Consultants en Sécurité Informatique depuis 1989 Spécialisé sur Unix, Windows, TCP/IP et Internet Security Day 2011 Pentests: Exposing real world attacks Renaud Dubourguais
More informationCOMPANY CONVICTED FOR FAILURE TO ADVERTISE IN FRENCH ON THE INTERNET
1 COMPANY CONVICTED FOR FAILURE TO ADVERTISE IN FRENCH ON THE INTERNET Marcel Naud * LEGER ROBIC RICHARD, Lawyers, ROBIC, Patent & Trademark Agents Centre CDP Capital 1001 Square-Victoria - Bloc E 8 th
More informationChapter I: Anti-counterfeiting measures
Foreword 1. Counterfeiting is a real scourge on today s society. It can fool consumers and threaten their health and safety, especially when counterfeit products do not respect applicable standards or
More informationAre your people playing an effective role in your cyber resilience?
Are your people playing an effective role in your cyber resilience? 01 Cyber attacks are now business as usual for organizations around the world. Organizations have typically trusted in technology to
More informationSOCIAL MEDIA & bet-at-home.com
SOCIAL MEDIA & bet-at-home.com 1 WHY IS THERE A GUIDELINE? The time when the internet was only used for sending e-mails and surfing the web has come and gone. Facebook, Twitter, YouTube and so on, have
More informationPOLICY TITLE: Computer and Network Service POLICY NO: 698 PAGE 1 of 6
POLICY TITLE: Computer and Network Service POLICY NO: 698 PAGE 1 of 6 GENERAL Computer network service through the Internet provides an electronic highway connecting millions of computers around the world.
More informationBottom line you must be compliant. It s the law. If you aren t compliant, you are leaving yourself open to fines, lawsuits and potentially closure.
Payment Card Industry Security Standards Over the past years, a series of new rules and regulations regarding consumer safety and identify theft have been enacted by both the government and the PCI Security
More informationInformation Security
Information Security A staff guide to the University's Information Systems Security Policy Issued by the IT Security Group on behalf of the University. Information Systems Security Guidelines for Staff
More informationEnter a world class network WORLD TRADE CENTER LYON WORLD TRADE CENTER LYON WORLD TRADE CENTER LYON
Enter a world class network Headquarters : Cité Internationale, 15 Quai Charles de Gaulle - 69006 Lyon - France Tel. 33 (0) 4 72 40 57 52 - Fax 33 (0)4 72 40 57 08 Business Center : Lyon-Saint Exupéry
More informationprivacy and credit reporting policy.
privacy and credit reporting policy. ME, we, us or our refers to Members Equity Bank Ltd and its subsidiary ME Portfolio Management Ltd. about ME Every Australian deserves to get the most out of their
More informationE-commerce and Legal Compliance
E-commerce and Legal Compliance Moving all or part of your business online can be an exciting time, opening up a range of opportunities and new markets for you and your business. Hand in hand with these
More informationAdministrative Procedures Memorandum A1452
Page 1 of 11 Date of Issue February 2, 2010 Original Date of Issue Subject References February 2, 2010 PRIVACY BREACH PROTOCOL Policy 2197 Management of Personal Information APM 1450 Management of Personal
More informationHow To Prevent Cybercrime
2013 NORTON REPORT 2013 NORTON REPORT 24 COUNTRIES AUSTRALIA, BRAZIL, CANADA, CHINA, COLOMBIA, DENMARK, FRANCE, GERMANY, INDIA, ITALY, JAPAN, MEXICO, NETHERLANDS, NEW ZEALAND, POLAND, RUSSIA, SAUDI ARABIA,
More informationNumber street apartment. municipality province postal code
Form updated on 20160307 APPLICATION FOR ISSUANCE of a licence REAL ESTATE OR MORTGAGE BROKER IMPORTANT A licence application is deemed received once all information and documents required hereunder have
More informationCase study: What the? Online scams and identity theft
Case study: What the? Online scams and identity theft Theme The internet and mobile technologies are a source of scams and identity theft. Key learning/subject areas Cross curricula. Duration One to two
More informationSibford School Student Computer Acceptable Use Policy
Introduction Sibford School Student Computer Acceptable Use Policy The use of the latest technology is actively encouraged at Sibford School but with this comes a responsibility to protect both students
More informationPenetration Testing //Vulnerability Assessment //Remedy
A Division Penetration Testing //Vulnerability Assessment //Remedy In Penetration Testing, part of a security assessment practice attempts to simulate the techniques adopted by an attacker in compromising
More informationLinShare offer. Presentation. February 2014. Secure file sharing. LinShare 1.5
LinShare offer Secure file sharing Presentation. February 2014. LinShare 1.5 LINAGORA: Presentation of the enterprise Software and services to win the Free Open Source big projects Turnover (M ) People
More informationFRANCE. Emmanuèle LUTFALLA Pierre-Paul SAULOU. SCP Soulié & Coste-Floret 20, Boulevard Masséna 75013 PARIS FRANCE
FRANCE Emmanuèle LUTFALLA Pierre-Paul SAULOU SCP Soulié & Coste-Floret 20, Boulevard Masséna 75013 PARIS FRANCE Phone : 00.33(1) 44 23 53 00 Fax : 00.33 (1) 44 23 17 17 / 00.33 (1) 44 23 17 18 Email :
More informationInformation Incident Management Policy
Information Incident Management Policy Change History Version Date Description 0.1 04/01/2013 Draft 0.2 26/02/2013 Replaced procedure details with broad principles 0.3 27/03/2013 Revised following audit
More informationPresented by Evan Sylvester, CISSP
Presented by Evan Sylvester, CISSP Who Am I? Evan Sylvester FAST Information Security Officer MBA, Texas State University BBA in Management Information Systems at the University of Texas Certified Information
More informationStrategies for occupational therapists to address elder abuse/mistreatment
Strategies for occupational therapists to address elder abuse/mistreatment Provincial Legal Information: Quebec Prepared by the Canadian Association of Occupational Therapists August 2011 This project
More informationVirginia Primary School Learning Together, Learning for our Future
Virginia Primary School Learning Together, Learning for our Future RESPECT CARING FAIRNESS ACHIEVEMENT DIVERSITY Information Technology - Cyber-Safety Policy The measures to ensure the cyber-safety of
More informationSt. Peter s C.E. Primary School Farnworth Email, Internet Security and Facsimile Policy
Learn, sparkle & shine St. Peter s C.E. Primary School Farnworth Email, Internet Security and Facsimile Policy Adopted from the LA Policy April 2015 CONTENTS Page No 1. Introduction 1 2. Guiding Principles
More informationTERMS AND CONDITIONS OF USE OF THE WEBSITE GENERAL TERMS AND CONDITIONS
TERMS AND CONDITIONS OF USE OF THE WEBSITE GENERAL TERMS AND CONDITIONS Preamble Touscoprod, an EURL with capital of 7,500 Euros, listed on the Paris Companies Registry as number 510 096 365, with registered
More informationThese general conditions are intended to define the conditions under which NETIM agrees to host on its Server the Customer's Internet service.
NETIM - GENERAL TERMS AND CONDITIONS FOR SHARED HOSTING CG-HM version 2.0 30 st August 2012 NETIM SARL 165 avenue de bretagne 59000 LILLE, FRANCE Registered under number 451 394 720 RCS LILLE Hereafter
More information10 Quick Tips to Mobile Security
10 Quick Tips to Mobile Security 10 Quick Tips to Mobile Security contents 03 Introduction 05 Mobile Threats and Consequences 06 Important Mobile Statistics 07 Top 10 Mobile Safety Tips 19 Resources 22
More informationLocal Disciplinary Policy
DOCUMENT INFORMATION Origination/author: Judith Coslett, Head of Human Resources This document replaces: Local Disciplinary and Dismissal Procedure 05 Date/detail of consultation: Staff Forum and Unison
More informationSaint Martin s Catholic Academy
Saint Martin s Catholic Academy E-Safety Policy - Acceptable Use - Students January 2015 Why have an Acceptable Use Policy? An Acceptable Use Policy is about ensuring that you, as a student at Saint Martin
More informationIDENTITY THEFT IN BRIEF!
IDENTITY THEFT IN BRIEF! The Commission d accès à l information recommends that you protect your personal information at all times. However, when a theft or loss of personal information is discovered,
More informationOne Education Internet Services SLA 2014-2015
One Education Internet Services SLA 2014-2015 1. Commencement a. The Contract begins on the date One Education or agents working on its behalf communicate its acceptance of the customer s order for the
More informationArticle I. Definitions
ONLINE SAS General Sales Terms - 30/07/2013 BETWEEN: The Client, Hereafter called the User, AND: ONLINE, a simplified stock corporation (Société anonyme par actions simplifiée) with a working capital of
More informationProcessor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries
Processor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries Sopra HR Software as a Data Processor Sopra HR Software, 2014 / Ref. : 20141120-101114-m 1/32 1.
More informationFleet Policy. Version Number: 2 Controlled Document Director of Corporate Affairs
Fleet Policy CONTROLLED DOCUMENT CATEGORY: CLASSIFICATION: PURPOSE: This Document supports: Controlled Document Number: Policy Governance To set out the principles for the management of the Trust Fleet
More informationIDENTITY THEFT A POTENTIAL MARKET?
IDENTITY THEFT A POTENTIAL MARKET? Work group: Ludovic Cointre Fabienne Leroy Anthony Pycke Pascale Rauline Posters source www.identitytheft.org.uk copyright 2010 IFCAG. All rights reserved. Summary Definition
More informationPayment Card Industry Data Security Standard
Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security
More informationJANVIER 2013 / CATALOGUE DES FORMATIONS
1 New Vision of Technology Société de Services et de Solutions en Électronique, Informatique et Télécoms Adresse géographique : Abidjan - Cocody Riviera Palmeraie Téléphone : 225 22 49 59 45 Fax : 225
More informationEmbedded Network Solutions Australia Pty Ltd (ENSA) INTERNET ACCEPTABLE USE POLICY
T: 1300 00 ENSA (3672) F: 03 9421 6109 (ENSA) INTERNET ACCEPTABLE USE POLICY 1 ABOUT THIS POLICY... 2 2 GENERAL... 2 3 ILLEGAL ACTIVITY... 2 4 SECURITY... 2 5 RISKS OF THE INTERNET... 3 6 CONTENT PUBLISHING...
More informationWe Must Comply with International Requirements! Introducing Biometric ID Cards in France
We Must Comply with International Requirements! Introducing Biometric ID Cards in France Meryem Marzouki CNRS - LIP6/PolyTIC / IRIS Meryem.Marzouki@iris.sgdg.org www.iris.sgdg.org Terrorizing Privacy?
More informationPlus500UK Limited. Statement on Privacy and Cookie Policy
Plus500UK Limited Statement on Privacy and Cookie Policy Statement on Privacy and Cookie Policy This website is operated by Plus500UK Limited ("we, us or our"). It is our policy to respect the confidentiality
More informationHow to Practice Safely in an era of Cybercrime and Privacy Fears
How to Practice Safely in an era of Cybercrime and Privacy Fears Christina Harbridge INFORMATION PROTECTION SPECIALIST Information Security The practice of defending information from unauthorised access,
More informationTo help you fill out this form, a Companion Guide is available on the AMF website, at www.lautorite.qc.ca, in the Public Contracts section.
To help you fill out this form, a Companion Guide is available on the AMF website, at www.lautorite.qc.ca, in the Public Contracts section. Part 1 General information 1.1 Type of application Please check
More information1 Introduction... 2 2 Product Description... 3 3 Strengths and Challenges... 5 4 Copyright... 5
KuppingerCole Report EXECUTIVE VIEW by Alexei Balaganski May 2015 is a business-critical application security solution for SAP environments. It provides a context-aware, secure and cloud-ready platform
More informationThese terms and conditions were last updated on 30 September 2015.
Game Rules The website www.mafiacontrol.com (hereinafter referred to as Website ) allows you to manage a text-based online multi-player mafia game (the Game ), and to also play Games managed by others.
More informationES ET DE LA VIE PRIVÉE E 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY COMMISSIONERS
ES ET DE LA VIE PRIVÉE E 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY COMMISS The Internet Threat Landscape Symantec TM Dean Turner Director Global Intelligence Network Symantec Security
More informationDesigning & Building an Information Security Program. To protect our critical assets
Designing & Building an Information Security Program To protect our critical assets Larry Wilson Version 1.0 March, 2014 Instructor Biography Larry Wilson is responsible for developing, implementing and
More information3 day Workshop on Cyber Security & Ethical Hacking
3 day Workshop on Cyber Security & Ethical Hacking 1 st day-highlights-hands On Phishing Attack Hammad Mashkoor Lari Freelancer What is Cyber Security? What is Ethical hacking? What is Computer Science?
More informationPrivacy Implications of Cloud Computing in Israel
January 2012 Privacy Implications of Cloud Computing in Israel Adv. Naomi Assia Co-chairman of the Data Protection Committee -ITECHLAW www.computer-law.co.il Cloud Computing One widely accepted definition
More informationFERPA: Data & Transport Security Best Practices
FERPA: Data & Transport Security Best Practices April 2013 Mike Tassey Privacy Technical Assistance Center FERPA and Data Security Unlike HIPAA and other similar federal regulations, FERPA does not require
More informationTerms and Conditions
Terms and Conditions The following Terms and Conditions define the conditions of use of the website http://www.adbuddiz.com/ (hereinafter the Website ), edited by SAS PURPLE BRAIN, registered at the Paris
More informationAppendix I. The City University of New York Policy on Acceptable Use of Computer Resources
Appendix I The City University of New York Policy on Acceptable Use of Computer Resources Introduction CUNY s computer resources are dedicated to the support of the university s mission of education, research
More information3 What Personal Information do we collect and why do we need it?
Privacy Policy 1 Protecting your privacy The worldwide rental system operated as Europcar is owned by Europcar International, a French Corporation. A number of independently owned licensees also trade
More informationWebsite Terms and Conditions. by SEQ Legal
Website Terms and Conditions by SEQ Legal Website Terms and Conditions (1) Introduction These terms of use govern your use of our website; by using our website, you agree to these terms of use in full.
More information(4) THAMES VALLEY POLICE of Oxford Road, Kidlington, OX5 2NX ("Police Force"),
DATE OF INFORMATION SHARING AGREEMENT JULY 2015 PARTIES (1) LIVE NATION (MUSIC) UK LIMITED (Company Number 02409911) whose registered office is at 2 nd Floor, Regent Arcade House, 19-25 Argyll Street,
More informationLegal Framework to Combat Cyber Crimes in the Region: Qatar as a Model. Judge Dr. Ehab Elsonbaty Cyber Crime expert ehabelsonbaty@hotmail.
Legal Framework to Combat Cyber Crimes in the Region: Qatar as a Model Judge Dr. Ehab Elsonbaty Cyber Crime expert ehabelsonbaty@hotmail.com Why should we care about CYBER CRIME & CYBER SECURITY? Clarification
More informationAcceptable Use of Information. and Communication Systems Policy
Use of Information Purpose of this document This document describes what is acceptable and what is unacceptable use of the company s systems. It has been prepared to help Intu Properties plc employees,
More information