##About Rootconf Hyderabad:
Rootconf Hyderabad is a platform for:
- DevOps engineers
- Site Reliability Engineers (SRE)
- ML and data engineers
- Security and DevSecOps professionals
- Software engineers
to discuss real-world problems around:
- Site Reliability Engineering (SRE)
- Data and AI engineering
- Distributed systems -- observerability, microservices
- Implementing Infrastructure as Code
Speakers from Flipkart, Hotstar, Intuit, GO-JEK, MadStreetDen and Trusting Social will share their experiences with the above challenges.
##Event venue:
Rootconf Hyderabad will be held at T-Hub, IIIT-Hyderabad Campus, Gachibowli, Hyderabad, Telangana - 500032
##Contact information:
For bulk ticket purchases,sponsorship and other inquiries, contact sales@hasgeek.com or call 7676332020
#Sponsors:
Click here to view the Sponsorship Deck.
Rootconf Hyderabad 2019 sponsors:
#Platinum Sponsor
 |
 |
#Bronze Sponsors
 |
 |
 |
For information about the event, tickets (bulk discounts automatically apply on 5+ and 10+ tickets) and speaking, call Rootconf on 7676332020 or write to info@hasgeek.com.
GP
Ganessh Kumar R P
@ganesshkumar
Data Protection and Compliance - Architecting Privacy in Devops
Submitted Apr 19, 2019
Section:
Full talk
Technical level:
Intermediate
Session type:
Lecture
Remember the incident(https://ia.acs.org.au/article/2019/millions-of-facebook-passwords-stored-in-plain-text.html), early this year, when millions of Facebook users were asked to reset their password as one of their systems was storing user passwords in plain text?
How do you formulate your process so that this does not happen in your company? At Microsoft, we have a unique way of handling customer data and information flow. In Microsoft Teams, we store a range of customer data ranging from healthcare to education - all of which have strict data compliance and regulatory requirements. And we have strict data handling policies so that even Microsoft employees don’t see your data.
This talk focuses on our experience in building a compliant storage layer to store the content of users and teams in Microsoft Teams.
Outline
- Process - Compliance to Data Protection is part of our Engineering Process
- Trust
- Data handling
- Customer Promises
- Compliance
- Microsoft Teams & Building Compliant New Services
- Data Handling - Walk through how data regulation is baked into a feature
- Data classification
- Data deletion
- Active deletion
- Passive deletion
- Retention hooks
- Data Encryption
- CosmosDB encryption
- Bring your own key
- Legal hold and eDiscovery
- Change Feed
- Engineering Systems - So that even employees in Microsoft can’t tamper with your data
- KeyVault and it’s features
- CredScan
- Certificate Rotation
- PAVC, Host IDS, AzureSecPack
- Case Studies
- GDRP
- Go Local
Requirements
If you can bring your enthusiasm about privacy, security, and compliance, you will be able to appreciate the challenges and the solutions.
Speaker bio
I am Ganessh Kumar, Software Engineer at Microsoft India Development Centre, Bengaluru. I am working on a new service that acts as the Data Layer to enable services in Microsoft Teams to store their data in a secure and compliant way.
Over my 7 years of experience in Software Industry, I have worked on frontend, backend, mobile, and DevOps. I enjoy being a Full Stack Developer where I can understand the product end-to-end. As an end user, I value privacy a lot and at Microsoft, I enjoy the opportunity to work on a product that has a lot of emphasis on data security and compliance.
Before Microsoft, I have worked at Amazon and Mitter.io building some of the highly available mission-critical services.
Links
Slides
https://docs.google.com/presentation/d/1Q_egeMv7gpuoMFqKeOMC7T10FnwJkbYWHeHsvGT0E6Q/edit?usp=sharing
{{ gettext('Login to leave a comment') }}
{{ gettext('Post a comment…') }}{{ errorMsg }}
{{ gettext('No comments posted yet') }}