5.1 Service Evaluation 06 Eliza Project 1.7
51.07. Eliza Project 1.7:
  1. Project 1.7 was commissioned to deploy a new kind of application service to a new kind of customer. Key project factors included the need for very high levels of encryption and very high levels of replication.
  2. Encryption of all business data ensures that the data cannot be stolen. Encrypted data is hidden in images as an added security measure. Images are stored in folders that cannot be accessed from the Internet. Because all encrypted images are meaningless and worthless, the business cannot suffer an ICO reportable data breach.
  3. Replication of all encrypted images ensures that the data cannot be lost. Images are replicated from one physical data center to many other data centers. In the event that a physical data center is not available, business can continue from other data centers or data can be recovered from other data centers.
2. Evolution:
  1. What was good enough for last year will not be good enough for next year, when advanced data protection regulations are enforced.
  2. Tape technology was used for many years but was replaced with rotating disks. Disk technology was used for many years but has been replaced with flash memory.
  3. Disk technology was exploited in the era of the database with tables and records. Flash memory is exploited in an era of in-memory arrays and stored images.
  4. Modern servers with massive amounts of high-speed memory and solid state drives need to be used in a more effective way. The evolutionary step is to replace the database with in-memory arrays for faster and more effective applications.
  5. The URL can be encrypted with fingerprinted machines so that sign-in to sessions is no longer needed.
3. Application Architecture:
  1. Old database-driven applications can be identified by complex login sessions and cookies. This old (ties2) architecture has been great for the past decade and will have a role to play for the next decade. Agencies and criminals know how to attack database applications because database-stored data is not searchable once it is encrypted.
  2. New array-driven applications can be identified by simple mobile apps. This new (project 1.7) architecture has more security, more privacy, more reliability and more availability. Agencies and criminals have no idea how to attack encrypted data hidden in images that are stored in places that cannot be accessed from the Internet.
4. Application Layers:
  1. URL level 1 is where the URL is decrypted and validated for Eliza to decide what procedure is to be used. Everything that the application needs to process any procedure is encrypted in the URL, so login can be avoided. Criminal attacks on the URL will cause the criminal's IP to be shown the "hello world" message for the rest of the day. Approved people are identified by IP address, operating system and browser version, with optional screen size and type of processor.
  2. Storage level 2 is where Eliza will read an image and decrypt any business data needed into in-memory arrays. Level 2 may also encrypt an array and write an image when the array is changed in any way.
  3. Business level 3 is where Eliza will show an array in a list or show an array row in an add-new or change form. Level 3 includes any automatic insert or update of business data at the array level, which is fast and efficient. Eliza will either show (1) a spreadsheet (list or report) or (2) a form (document).
5. Why:
  1. Simplification. Replicated Encrypted Data means no reportable data breach.
  2. Login is an optional extra step that is no longer essential: passwords cannot be stolen.
  3. Cookies are an optional extra factor that is no longer essential: cookies cannot be hacked.
  4. All business data is always encrypted and hidden in images: data cannot be stolen.
  5. All encrypted images are always hidden in places that cannot be accessed from the Internet: hackers cannot attack the data.
  6. All encrypted images are always replicated to many data centers: data cannot be lost.
  7. A URL can be emailed to a person for them to access that specific business page: no login for approved people.
6. Authentication:
  1. To simplify bespoke application services so that approved people do not need to login, a procedure is needed to identify each approved person.
  2. A manager enters a new person's account details and is given a one-time access code in return.
  3. The new person logs in with their access code using their normal computer and network. Eliza writes a cookie to the computer and records the new person's computer details.
  4. The approved person saves their welcome page as a favourite or as an icon on their desktop; the saved URL implies their user identity.
  5. The approved person cannot lose their password because they will never need to have a password.
  6. If the person gets a new computer they will not be known to Eliza and will need to ask their manager for a new access code. When they enter the new access code, Eliza will write a cookie and record their new computer details for next time.
7. Approved Person:
  1. An approved person may be a computer that is used by many people for a specific purpose. Some Gateway computers are reused by shift workers for Gateway application purposes and no other purpose. The unique identification of an approved Gateway computer on an approved network is adequate authentication. Some Service Desk computers are reused by agents for service desk application purposes and no other purpose. The unique identification of an approved service desk computer on an approved network is adequate authentication.
  2. An approved computer on an approved network with an approved operating system, approved browser, known screen size and known processor type may be adequate authentication for most purposes.
8. Open Book Accounts:
  1. Project 1.7 was driven by Open Book Accounting and Customer Balance Sheet application services to share confidential business data between customers and service providers. Security of the data is critical, but login can be avoided when the people involved use approved computers on approved networks. The URL architecture places all authentication at level 1 of every transaction; this is advanced and may not be applicable to every application service.
  2. Eliza will send a plain text email to the registered parties with a URL link to the customer balance sheet. The encrypted URL contains authentication information that is verified before the link will show the customer balance sheet. A button on each invoice and payment row can be clicked to pop up that invoice or payment acknowledgement document.
  3. Rather than login once and expect all following transactions to be from the same person, why not validate every transaction to ensure they are the same person? These benefits will initially only be offered to people who use a dedicated computer such as a laptop, tablet or smart phone. All approved people involved in accounting application services can be certain to be uniquely identified by their physical computer and network.
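As an added example (not the project's own code), the level 1 URL check of section 4, the one-time access code enrolment of section 6 and the per-transaction validation of section 8 in one Python sketch. It uses an HMAC tag in place of the page's URL encryption, because the standard library has no authenticated cipher, and the host name, the in-memory stores and the fingerprint fields are assumptions.

```python
import base64, hashlib, hmac, json, secrets

SERVER_KEY = secrets.token_bytes(32)  # assumed server-side secret; never placed in a URL

def device_fingerprint(ip, os_name, browser):
    # Hash the request attributes the page says identify an approved person.
    return hashlib.sha256(f"{ip}|{os_name}|{browser}".encode()).hexdigest()

class ElizaLevel1:
    def __init__(self):
        self.pending = {}  # one-time access code -> user (constructed in-memory store)
        self.devices = {}  # user -> fingerprint of the computer recorded at first sign-in

    def enrol(self, user):
        # Manager step: register the account and receive a one-time access code.
        code = secrets.token_urlsafe(12)
        self.pending[code] = user
        return code

    def redeem(self, code, ip, os_name, browser):
        # First sign-in: the code is consumed, the computer is recorded, and a
        # signed URL is returned for the person to save as a favourite.
        user = self.pending.pop(code, None)
        if user is None:
            return None
        self.devices[user] = device_fingerprint(ip, os_name, browser)
        return self.make_url(user, "customer_balance_sheet")

    def make_url(self, user, procedure):
        # The URL carries the identity and the procedure plus an HMAC tag, so any
        # change to it is detected at level 1 (hypothetical host name).
        payload = base64.urlsafe_b64encode(json.dumps({"u": user, "p": procedure}).encode()).decode()
        tag = hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()
        return f"https://eliza.example/page?t={payload}.{tag}"

    def level1(self, url, ip, os_name, browser):
        # Every transaction: validate the URL, then check it comes from the same computer.
        payload, _, tag = url.split("?t=", 1)[1].rpartition(".")
        expected = hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(tag, expected):
            return "hello world"  # tampered or forged URL: show nothing useful
        claim = json.loads(base64.urlsafe_b64decode(payload))
        if self.devices.get(claim["u"]) != device_fingerprint(ip, os_name, browser):
            return "hello world"  # unknown computer: a new access code is needed
        return claim["p"]
```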
Reminder:
  1. Every phone call and every email is a phishing attack from a criminal until proven otherwise.
  2. Never download an application program: every App has vulnerabilities and contains spyware.
  3. Delete all emails every day. Never retain history that can only be used against you.
  4. Never use Microsoft Office programs: they have vulnerabilities, and all documents will be copied and may be used by others against you in the decades to come.
  5. Never use iDrive, iCloud or any automatic download tool that will steal files that can only be used against you in the decades to come.
  6. Never use an Anti-Virus tool: they do not work, they contain spyware and they have vulnerabilities.
  7. Never store a file, email or document on a local computer: it will be stolen and may be sold to others.
  8. Windows-2000 is safer than Windows-XP and Windows-XP is safer than Windows-10. Anything is safer than Windows-7. Linux can be configured down to provide one and only one service in a safe and secure way.
  9. Microsoft, with all its resources, is unable to make Internet Explorer or Edge safe and secure: patches to known vulnerabilities are applied each and every month. If Microsoft cannot write safe and secure software, then no other vendor can write software without vulnerabilities.
  10. Do not use one computer (that will eventually fail) when a swarm can be used.
  11. Do not use backups when replication can be used.
  12. Do not store any business data that is not (excessively) encrypted.
  13. Do not use one encryption key when a large number can be used.
Document Control:
  1. Document Title: Eliza Project 1.7.
  2. Reference: 165106.
  3. Keywords: Eliza Project 1.7.
  4. Description: Eliza Project 1.7.
  5. Privacy: Publicly shared with all approved people.
  6. Issued: 16 Mar 2017.
  7. Edition: 1.7.
Data Controller Responsibilities:
  0. Your Data Processor (as ASP) is not a lawyer and is not in a position to offer legal advice, but the following topics may be of assistance.
  1. Your Data Processor warrants that the Bespoke Application Service is fit for purpose and fully complies with all GDPR and associated legal obligations.
  2. Your Data Processor accepts unconditional liability and unlimited financial costs arising from any data breach of information stored by the Data Processor in the Bespoke Application Service.
  3. Your Data Processor provides a fit and proper Data Protection Officer to liaise with the ICO in the event of a data breach from the Bespoke Application Service.
  4. Your Data Processor provides 24*7 monitoring of the Bespoke Application Service to detect criminal behaviour that could lead to a data breach.
  5. Your Data Processor provides privacy notice, Data Protection Impact Assessment (DPIA), Subject Access Request (SAR) facilities and contact-us services as required by UK laws.
  6. The Data Controller is obliged by the ICO to perform due diligence on their Data Processor and to have formal written agreements on all data protection matters.
  7. The Data Controller is responsible for all data stored on local computers, including data downloaded from the Bespoke Application Service.
  8. The Data Controller is responsible for local computers that are lost or stolen, for data that is lost or stolen, and for data that is trapped by ransomware or malware.
  9. The Data Controller is responsible for staff training, education and awareness. Every UK company must comply with GDPR.
  10. The Data Controller shall provide a single point of contact with the ICO to report and handle any local data breach.
  11. The Data Controller shall provide adequate measures to detect and report a data breach of any locally stored information.
  12. The Data Controller shall provide their own privacy notice, Data Protection Impact Assessment (DPIA), Subject Access Request (SAR) facilities and contact-us services for any data not stored within the Bespoke Application Service.
What the Data Controller must do:
  1. Awareness: documented evidence of internal staff training is mandated for compliance with UK laws.
  2. Data Protection Impact Analysis: documented evidence as a formal Data Protection Impact Analysis is mandated for compliance with the ICO.
  3. Privacy Notice: documented privacy information shared with all staff, customers and suppliers is mandated for compliance.
  4. Rights of People: must be documented as the right to view, to change and to delete personal information.
  5. Subject Access Requests: must be processed without delay, even if 10,000 requests arrive on May 25th 2018.
  6. Purpose: the purpose for storing each field must be documented and shared with business associates.
  7. Consent: must be obtained to share personal information with the person who owns their own data.
  8. Children: must be identified and parental consent obtained.
  9. Data Breach Procedure: must be documented for what happens when a computer is lost or data is copied.
  10. Data Protection By Design: must be deployed with encryption, pseudonymisation and similar methods.
  11. Data Protection Officer: a person with adequate skill, knowledge and qualifications is assigned as the single point of contact with the ICO.
  12. International Borders: demand extra data sovereignty agreements when working with or using USA-owned services such as OneDrive.
Phishing:
  1. The vast majority of criminal attacks have been phishing attacks by criminals impersonating approved people and using intimidation to cause people to do things they should not do.
  2. As a duty of care for its people, the Data Processor provides a safe and secure self-service support service for approved people and a safe contact-us service for other people.
  3. The effect is that the only people who try to make contact by phone or email must be criminals.
  4. The Data Processor protects its people by assigning a job title to a team of people who together provide a 24*7 service without disclosing a specific person's name.
  5. All business data is shared by all staff and no place exists to hide personal data.
  6. What to do:
    (1) Support Request: can be added by any approved person who has access to a Bespoke Application Service. This data is encrypted and cannot be leaked.
    (2) Contact Us: can be sent by any person who knows about any Bespoke Application Service but has not signed in. This data is encrypted and cannot be leaked.
    (3) Contact Us: can be sent by any person who can view "www.computer-management.co.uk". This data is encrypted and cannot be leaked.
    (4) support@domain.co.uk: can be used to leak business data by a person who knows what Bespoke Application Service domain to use.
    (5) support@computer-management.co.uk: can be used to leak business data by a person who does not care about leaking such business data.
    (6) 02084288366: can be used to leave a business message by a person who chooses to leak business data by phone.
  7. The Data Processor shall only use the telephone in an emergency and shall not communicate private, confidential or sensitive business information.
  8. The Data Processor shall only reply to an email in an emergency and shall not communicate private, confidential or sensitive business information.
  9. The Data Processor acknowledges that agencies in all parts of the world shall process phone calls and emails and sell the results.