be created. With a change of government, things will pick up,” said Rajesh Janey, President, India and SAARC EMC.
To create awareness on consumer privacy, the Data Security Council of India organises a ‘Stop, Think, Connect’ sensitisation initiative. Through this programme, they have targeted students for six months through various street theatre workshops to bring out the message of Internet safety. “Every month we train a batch of 20-30 people. And as we speak, 30 people are training for privacy protection in Bangalore today. Delhi training will take place in July next month. The initiative started last year and we completed one year in June 2014,” said Mukhi.
He further added that DSCI also organises implementation courses on security and privacy where a group of people is trained to manage privacy of organisations. “Organisations such as Infosys, Wipro and Cognizant have taken part in such initiatives. If an organisation is willing, they have an option of training its people for the assessment programme.”
Mukhi believes data security and privacy is still in its early stages in India and that critical infrastructure needs time to build up. Presently, the National Critical Information Infrastructure Centre (NCIIPC) has the mandate to protect critical infrastructure around internet privacy and security. “The US took 15 years to build assets of critical infrastructure. India is only starting to do that. We are still playing the catching-up game. However, there are two ways to ensure consumer privacy: one needs to see how the sector itself adopts practices and what the current government does to address the issues. We need to adopt current systems before jumping on to new ones and ensure a baseline framework is put in place.”
At an individual level, the report suggests, consumers should pay attention to their own protection and be aware of dialogues around privacy. Mukhi adds: “If people are using latest services, they should also take the effort to know the threat perception involved.”
Some suggestions offered by EMC are as follows: Don’t use employer-owned devices or networks for personal business, log out of apps when not in use, use multi-factor authentication for email and other online accounts and change passwords frequently.