Compliance for Cloud Computing following the GDPR in 2018

gdpr-3385166_960_720.jpg

The General Data Protection Regulation (GDPR), implemented by the European Union in May 2018, gives individual E.U. citizens much greater control over their personal data. Key points about the regulation are as follows:

  • Organizations must remove records about customers or clients without undue delay upon receipt of an erasure request to comply with GDPR.
  • Organizations must report a security breach that puts individual data at risk within 72 hours of the breach occurring.
  • Data processors now share the burden for protecting personal data.

With more organizations leveraging the cloud service model to deliver important enterprise IT functions, including data storage, hosting applications, and data backup, GDPR has a range of impacts on both cloud service providers and cloud users. With potentially sensitive data being transferred beyond the internal control of organizations, both service providers and users have responsibilities in maintaining GDPR compliance.

This article outlines five important lessons learned for cloud computing in terms of achieving compliance with GDPR rules.

  1. Don’t Neglect Cloud Backup Data

The strict GDPR rule about an individual’s right to be forgotten is relatively straightforward to adhere to by simply deleting the data from production systems promptly after you receive such requests. However, a crucial lesson in the context of cloud computing is to understand what you need to do with backup data related to such individuals that want their data removed.

Many organizations use cloud backup services for archiving and/or disaster recovery, including Microsoft Azure, AWS (Amazon Web Services), and even backup services to back up primary data that already resides on AWS cloud systems. The onus, according to GDPR, is on both the data controller (organization) and the data processor (cloud service provider) to comply with rules.

To handle data residing in cloud backup services that owners have requested you remove, both cloud users and service providers can take steps, such as:

  • Remove backup copies of data as soon as it is feasible to do so, i.e. when doing so doesn’t compromise your other data retention obligations.
  • Keep backup data safe by always encrypting it.
  • Clearly communicate with people about how data kept in backup systems might take longer to remove, how you plan to secure it, and when you will delete it.
  • Implement pre-defined data retention periods.
  1. Visibility into Data Location is Crucial

When you transfer or store data in the systems and applications of cloud services providers, it’s important to have clear visibility into the location that such data is being housed and processed. Under GDPR, you, the organizational data controller, and the cloud service provider, in their role as a data processor, both need to track the location of sensitive information.

Sensitive data moving outside the EU or the EEA can only be transferred to a location that is either pre-approved by the European Commission or is known to have a GDPR-equivalent regulation in place. The issue is that it is often unclear where exactly data resides in the cloud, and certain cloud providers may move this data between different data centers.

Proper visibility into your cloud-based data comes from performing appropriate due diligence into cloud providers and choosing providers that emphasize transparency into the location of sensitive information in line with GDPR.

  1. Ensure Your Contract Includes Breach Response Protocols

To respond to a cloud-based data breach in a GDPR-compliant manner, the agreement or contract you sign with each cloud service provider should include clear definitions of what constitutes a breach and clear protocols for responding to events that meet this definition.

Make sure your contract stipulates that your cloud service provider notifies you about any data breach in its systems without delay. The last thing you need as a data controller is a breach of sensitive information making media headlines before you’ve been informed and before you’ve had the chance to communicate such a breach both to individuals at risk and the relevant authorities.

  1. Your Data Needs to Be Portable  

Under GDPR, data subjects have a right to data portability, which means having the right to receive their personal data in a structured, commonly used and machine-readable format.

In the context of modern IT setups, where data could reside on any number of cloud applications, this means organizations should seek to ensure their cloud providers have the technical capacity to ensure data subjects can exercise this data portability right.

As far as technical methods for porting data from cloud services, you can use Application Programming Interfaces (APIs), which are often developed by major cloud service providers. Some cloud service providers also let you download data as a file in a commonly used format in line with GDPR.

  1. Look For Demonstrable Proof of IT Security and Privacy

To comply with GDPR, the highest possible privacy settings need to be applied to secure personal data. Within the enterprise, achieving this is not such an issue. However, when moving data to cloud systems outside the enterprise, it is the cloud provider’s own IT security and privacy measures that determine compliance with GDPR.

Prudent risk management in this respect involves appropriate risk management planning to determine the extent to which your chosen cloud provider can protect data to comply with the high-level privacy requirements in GDPR. Things to look out for from cloud service providers include ISO 27001 or ISO 27018 certifications, or perhaps even a specific contractual dedication to GDPR security and privacy compliance.

GDPR is a complex legislation, and achieving compliance with it is paramount if organizations and service providers want to avoid hefty fines and/or lawsuits. The complexity of modern IT environments, which typically feature a slew of cloud services in addition to on-premise systems, add further challenges to an already paradigm-shifting regulation. Follow the five lessons here to get a good idea of GDPR-compliance in a cloud computing landscape.

Opening the doors of success require a well written resume

fresh-graduate.jpg

Education helps bring out leadership qualities in people as enablers for good-paying jobs

Society expects its young people to go to school and educate themselves in preparation for a good job. Popular American quotation and quip writer, Cullen Hightower, once said, “A good education prepares a child to be a good employee and a good citizen, in that order, with the importance of the former never exceeding the importance of the latter.”

In fact, the annual survey of incoming freshmen at the University of California, Los Angeles (UCLA), recently found that where freshmen once gave their top reason for going to college as “learn about things that interest me,” now give as their top reason for a college education as “get a better job.”  A recent study by Pew Research Center in Washington DC, found that college graduates between the ages 25-32, earn $17,500 more in a year, than a person with only a high school diploma. According to studies by the US National Center for Education statistics, there were 16.9 million undergraduates in the US  in 2016, which was a 28% increase from 2000, when the enrollment was only 13.2 million. A recent Gallup Poll showed that during the course of their careers, Americans who invest in a Bachelor Degree, earn about $1 million more than those who have only high school diplomas. At the same time, unemployment for 25 and older college graduates has nearly doubled since 2000. So, colleges are having to re-think strategies to prepare students to find jobs upon leaving college.

College professors have typically not been partial to the idea of changing their mission of broadly educating students. In fact, they have always been keen to thrust the job-focused responsibilities on college career centers. Finding jobs after college had, until recently, been the responsibility of career centers, tucked away in a corner in colleges, underfunded and low-profile.

With career centers virtually ineffective, students are now turning to more informal networks. A Gallup survey found that 20% of students found an internship or a job through a friend, while a similar number found jobs through professors or other academic staff. It appears that these informal networks are the reason that there is such frantic effort by students and parents, to get into an Ivy League school. Surveys find that parents in privileged positions, are able to help their children’s friends get a foothold in the world of employment. It is proof that a strong resume is not needed when powerful connections can oblige.

What is common knowledge is that students from less-privileged backgrounds have less opportunity to enter selective colleges, and, as a result, cannot get employment prospects though privileged social connections. The widening gap between wealthy and low-income groups finally led thirty selective colleges and universities  called the “American Talent Initiative,” (ATI) to collaborate to recruit more low income students. The goal of ATI is to add 50,000 more low-income students to 270 selective US colleges by 2025. One of the funders of ATI, billionaire philanthropist, Michael Bloomberg, said, “If we’re serious about promoting social mobility in America, we need to ensure that every qualified high school student in the U.S. has an opportunity to attend college.”

However, as many adults in jobs have realized, education does not end after college. Whether at entry level or somewhere further up the work ladder, people understand they need to keep studying to grow and advance their careers and professional goals. As President of the New England College of Business and Finance, Howard E. Horton, said, professions such as nursing and accounting  require people to keep current in their knowledge by “attaining specific levels of continuing education units (CEUs) to remain professionally licensed.” The same is true of other professions too, including doctors and lawyers.

On the other hand, many other people go back to school because they enjoying learning. Career coach, Nancy Collamer, said, “Most do it to bolster their range of marketable skills and credentials, which, in turn, makes them more competitive–both at their current employer and in the overall job market.”

Learning, indeed, brings its own rewards. Former US President John F. Kennedy, once said, “Leadership and learning are indispensable to each other.”

Using AI/Deep Learning for the Government and Public Sector

gkgj

Artificial intelligence and its related fields, including deep learning, have a wide range of applications. A recently published 2017 paper goes into detail on the various societal impacts of what has been dubbed the “forthcoming AI revolution.”

While the potential societal impacts of AI are disparate, two of the most important areas it has the potential to influence are the government and the public sector. This article goes into detail on five examples of using AI and deep learning within the government and public sector. However, you’ll first get a clear definition on what AI and deep learning actually are.

The term artificial intelligence was coined by a computer scientist named John McCarthy as far back as 1955.  It is best understood as a field of computer science that enables computers and machines to learn how to perform tasks that normally require human intelligence.

Machine learning is an application of artificial intelligence concerned with using statistical techniques to facilitate computers in learning how to perform tasks and improving their performance at those tasks without specific programming.

Deep learning has emerged as a more advanced method of machine learning in which computer systems can model high-level abstractions in data. Applications of deep learning include providing color to black and white images, classifying objects in images, and assisting healthcare professionals with diagnosis through medical image analysis.

Advances in algorithmic computer science coupled with the availability of powerful computing systems at a relatively low cost have facilitated the rapid growth in AI and deep learning in recent years. Companies and governments can now easily use AI platforms, such as IBM Watson, platforms like Amazon Machine Learning, or deep learning.

The AI Index, published annually, keeps track of the progress and evolution of artificial intelligence. The 2017 AI Index reported that the number of AI papers produced each year has increased by more than 9x since 1996, reflecting a growing scientific interest in AI. Additionally, the same paper reported that the number of active U.S .startups developing AI systems has increased by a factor of 14 since 2000.

Cyberdefense is a subject that has been in the media spotlight in recent times after the revelations of Russian interference in the U.S. election process. With increasingly sophisticated forms of attack, it’s imperative that governments have technology available that can defend against such attacks.

Technology company NVIDIA, together with Booz Allen Hamilton, have teamed up to build machine learning and deep learning solutions that can detect cyber threats faster and more efficiently. The end result promises stronger federal cyberdefense and governments that are less susceptible to outside interference in their democratic processes.

Busy urban areas are often plagued with traffic congestion issues that local authorities struggle to contain. Part of the problem is that traffic congestion is surprisingly difficult to predict. Aside from the key rush hour times, traffic can build up at other times over the course of the day, causing significant backlogs on roads.

In an interesting 2016 paper, the results of an experiment to use deep learning methods for predicting short-term traffic conditions revealed excellent predictive value at 90 percent. Being able to predict traffic conditions hands the power back to local authorities and the personnel responsible for traffic control, assisting them in taking proactive measures to ease traffic congestion across the busiest areas of a city’s transport infrastructure.

A large part of the appeal of artificial intelligence lies in its ability to automate processes that are normally time-consuming for humans to perform. A set of processes that often presents significant problems to immigration and naturalization departments within governments is the application and processing of visa and immigration applications.

There is often a significant backlog in immigration departments due to the time it takes to process each case. However, AI can come into its own here by automating some of the processing, which helps to augment the roles of the civil service workers who still make the final decision on each case.

The powerful machine learning and deep learning algorithms that have revolutionized image detection and classification can be used by state police forces to identify criminals. Facial recognition software continues to improve, and governments can use these advancements to their benefit by identifying on-the-run criminals in public spaces.

The improved identification comes from using the software to analyze images from CCTV and other sources throughout a region in which the suspect is expected to be.

Many modern countries are multi-cultural and multi-lingual with inhabitants and visitors speaking a diverse range of languages. Frustration can arise in the context of public service settings when citizens or visitors seek to communicate with various governmental departments, only to find that their fluency in the local language is lacking.

Improvements in speech-to-text translation systems, thanks to machine learning and deep learning, can remove these communication barriers by providing real-time translation in public service settings.

The examples given here are just a snapshot of what artificial intelligence and deep learning methods can bring to governments and public sectors. As these technologies continue to evolve, expect to see the range of use cases of AI grow even larger and become more innovative.

Home technology is the next step in home design evolution

construction-adhesive-baseboard.jpg

The modern home is vastly different from traditional homes and is likely to be the blueprint that future homes are constructed from. The evolution of home design has taken us through a vast array of style concepts and practicalities that have transformed the real estate market. The traditional colonial style home has been replaced by modern designs that are all about edgy corners and eco-friendly design concepts. As our own awareness of the world around us has changed dramatically over time, so has our approach to many aspects of life – including the very homes that we live in. Modern home designs that are on the market today are created with the modern-day and future homeowner in mind. This means that the home designs that are currently being rolled out in the market are ones that can support home technology as it evolves, making them truly the homes for the future. Whether it be a simple design concept – like modern, sharp corners – or the eco-friendly touches that are incorporated into the foundations of modern home designs, there is a lot to be said about the current state of home design and the potential that it holds for the future.

Aside from the homes themselves, the biggest selling point for most people these days is the technologies that are present in the home or could fit into the home as organically as possible. Home technology not only allows homeowners to feel safe and at home, but it gives their natural environment a much stronger sense of convenience, efficiency, and longevity. Our homes are the places we generally feel most comfortable in, so it makes perfect sense that home technologies, being so convenient and efficient by nature, are the next logical step in home design evolution. The reality is that home technology is in a constant state of development and evolution, always reaching for more, aiming higher and higher, and having those technologies present in the home can only be a positive going forward.

The technologies that exist in the modern home are incredibly innovative and exciting, but what is even more thrilling to realise is that these wonderful home technologies and advancements are but a glimpse into the potential that the future of home technology holds. Like all great technological advancements, home technology is in a rapid state of development, and this constant evolution is paving the way for future innovations while simultaneously inviting the current homeowners of today to embrace it for what it is, which is simply a gateway for efficiency and comfort in the place we spend most of our time – home.

Much like home design, home technologies have changed drastically over time. Once upon a time, homeowners would go out of their way to hide the home technology systems that adorned their homes. These days, however, we make a conscious and continuous effort to bring them out into the space more, to show them off, to make others more aware of our digital adaptability and presence. It is an intriguing evolution, and it is one that is only just beginning its journey. A new generation of home technologies is making its way into the market, and it is changing home technology entirely, updating from already-outdated systems or replacing them entirely with newer, more efficient tech advancements. For example, smart televisions are a brilliant innovation, and we are only just now seeing them evolve further than most expected them to do so – ever.

The new versions of smart televisions come with a voice control remote, enabling homeowners to watch a program from any device in their home without having to use the remote themselves to switch, browse, or remember which service said the program was on. Voice assistants have evolved from simply being able to play music to being able to play music, memorise and relay to do lists and reminders, and even give real-time updates on things like the weather, local traffic, and current news. Wifi modems and sound systems are now being designed to look like edge, contemporary art installations throughout the home, eliminating the necessity of having bulky, eye-sore modems. We are seeing the introduction of tech cleaning systems, such as Rumba, that clean our homes for us. From virtual assistants to smart televisions, we are only now experiencing the dawn of home technology, and the future is incredibly bright and promising.

Much like home design, home technology is going through a near-constant state of evolution and improvement, making it an incredibly exciting time for those that are getting to experience it in all its wonder and transition. Home technology is going to be present in practically every home in as little as twenty years, and the innovations will only continue to get bigger and better, breathing life into a technology that many thought was sure to be a passing phase. Home technology is going to be as present in any home as Wifi is today, and that is only the beginning.