Controlling Privacy at Heart of Security Efforts

Sue Marquette Poremba
Slide Show

Check out highlights from Lora's poll of industry experts on the topic of online security.

Privacy is the great paradox of the Internet age. We want to use this great tool to network and share information, yet we don't want everybody to have access to all of the information. We blame Facebook for not protecting our privacy, while at the same time, we share incredibly personal details that compromise both physical and virtual security.


Of course, what we share isn't the only problem. How we share information is a growing risk to privacy, as hackers become more sophisticated and as there are more ways to share private information via applications that have questionable security.


Because of this paradox, the Computerworld article, "Can Privacy Be Saved? Maybe," jumped out at me. The article pointed out the efforts of General Electric to follow the ever-increasing flow of regulations to keep sensitive data on consumers private, and it included this thought:


Nuala O'Connor Kelly, senior counsel and chief privacy leader for GE, started with a question for the audience: What is privacy? Answer: The right-ability to CONTROL how your personal information is used.


Obviously, users have some control over their own privacy, but privacy is relinquished when information is given to health insurance companies, banks, retail stores, etc. Then it becomes the burden of the enterprise to protect the privacy -- and trust -- of their customer base. So what is GE's approach? According to the article:


Though there's no one-size-fits-all manual for dealing with these issues, GE took one major step O'Connor Kelly believes has made a major difference: Bringing the legal and IT security sides of the house closer together.


It's good advice. Security can't work in a vacuum, where only one small department is always playing defense against potential threats. I'd go a step further and say that along with legal, IT security needs to work with other business entities like HR and anyone who handles corporate governance and compliance issues. Add to that solid company security policies where employees are informed of the implications of privacy breakdowns. And then, maybe privacy can be saved.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.