How to Effectively Address Privacy Concerns

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10
Next How to Effectively Address Privacy Concerns-5 Next

Effective strategies to control privacy

Integrating security in the product from the start, rather than trying to bolt it on after the fact, is most effective in ensuring privacy, according to Jean Taggart, senior security researcher at Malwarebytes. This means ensuring the developers are implementing proper, secure coding practices from the start.

Segmentation and access control are also key. These can occur at several levels, starting with "zone defense" – keeping precious data in a separate network zone, limiting all traffic in and out, and monitoring that traffic at key choke points so you can detect anomalies, Lloyd said. There are higher levels – applying "least privilege" designs in applications, for example. But the most fundamental level is to delineate a zone where precious information resources are kept, and where special rules apply. This helps at the technical level, limiting the attack surface, but also helps the people involved remember that they are dealing with a special, protected resource.

Most importantly, we need to get out of the rut of using traditional methods of protecting sensitive data because they no longer work in today's IT environment, Bradshaw added. This is because of the growth of so many endpoints, such as mobile devices, social networks and the cloud. With so many users and a myriad of access points to our networks, perimeter-based defenses such as firewalls, a traditional approach, cannot keep up with the evolving methods of attack.

Survey after survey shows it: Both consumers and employees question privacy on enterprise networks. For example, TRUSTe, a global data privacy management company, found that consumer trust has hit a three-year low. A GFI Software survey found that employees worry about identity theft within their company.

However, while the concerns themselves aren't new, the survey results are showing a new trend, said Barry Shteiman, director of Security Strategy at Imperva:

This new awareness is because many breaches in the past two years have resulted in the leakage of private information, and for that reason it became top-of-mind. However, this is a problem that has existed since the birth of data systems decades ago. That being said, the concern is real – breaches that risk business and private user information, such as their Social Security numbers, credit card information and other details create the risk of identity theft, and financial loss.

It isn't just breaches that are the problem, Renee Bradshaw, senior solutions manager at NetIQ, added:

With the hyper-focus on the NSA spying scandal, the Target breach, and most recently, the Heartbleed bug, it's no wonder that many Americans are very concerned about data privacy. The prospect of having your most private information bared for all to see, or of having your personal wealth plundered by the "bad guys," has become a real possibility – a part of public consciousness. Understandably, there is fear, and not without merit.

Now that consumers and employees are both growing more vocal about the risks involved, it is time for enterprise to start understanding how data leaks occur and addressing privacy concerns.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

PAM PAM Solutions: Critical to Securing Privileged Access

To protect the company from those insiders who abuse their privileged access and from hackers with stolen credentials, many companies are turning to a privileged access management (PAM) solution. ...  More >>

Fake news How Can We Fix the Fake News Problem?

Is fake news a security issue? Some say yes, as it can be used as a social engineering tool to spread disinformation and conceivably to get unsuspecting users to click on malicious links. ...  More >>

blockchain The World According to Blockchain

Blockchain comes with many costs and is surrounded by confusion. Here, we examine realistic use cases, drawbacks and the potential of blockchain. ...  More >>

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.