Protecting Data Privacy: a Shared Responsibility

Data Privacy Day is a reminder that the privacy of data – corporate and personal – increases in importance year after year. And it’s amazing that this year, on January 28th, Data Privacy Day turns 10. You may recall another interesting announcement that occurred in January 2007 – the introduction of the Apple iPhone. Perhaps this was sheer coincidence, or maybe this was the foresight to know that the dawn of rapid data collection and sharing by individuals was about to create an evolution of data security challenges we’d never witnessed before.

Protecting Data Privacy

On an individual level, people think of data privacy in terms of how it will affect us as consumers, but think of all the information a business collects on your behalf that is personally identifiable to you, as well to the business itself. For most any business, in most any industry, when a client chooses to do business with you, they put faith in you to protect any personally identifiable information that you may collect from them in the course of the relationship. This data is one of your most critical assets, but also one of your most vulnerable. While the digital revolution ushered in some of the most innovative ideas and applications imaginable, especially in the realm of e-commerce and information sharing, innovations from darker forces saw a new opportunity to capitalize on security gaps that expose sensitive data.

With the ease in which data flows across networks and organizations, and the risk inherent in allowing large audiences of personnel to have access to that data, organizations need to be confident that customer records and organizational data is secure whenever or wherever it is being transported or stored. Servers, desktops, laptops, USBs and other removable media devices used by staff often contain highly-sensitive client information. Unfortunately, losing this data could put the employee, client, company or individual at both financial and reputational risk. In fact, to help in assuring data privacy, most federal, state and local government all have legislation and compliances that set out the ground rules for how businesses must handle personal information in the course of commercial activity. Failing to meet any of these compliances could result in massive fines that can cripple a business.

Protecting the Now Generation

To protect against data breaches as a result of a lost or stolen device, intrusion, or internal threat from a bad actor, companies really need to look at strong encryption, authentication, and key management solutions. With encryption in place, a lost or stolen device is essentially rendered unreadable or unusable without the encryption keys – this is your only guarantee. By properly managing your authentication policies, you can also manage the level of access any given employee or associate has, and have complete control over keys should immediate decisions need to be made regarding access rights. The proper encryption solution will also provide the necessary management tools to allow for reporting and auditing, as required for regulatory compliance.

Education Protection

While the onus is on the organization to protect the data they manage, data privacy is everyone’s concern. Studies have shown that the more educated and engaged employees and clients are, the more successful the organizations data security efforts become. It should come as no surprise that in 2017, one of the top trends for the Information Security industry is education and training. The top companies in the world will be spending more time on educating themselves, their employees and clients on how best to work together to protect data. Are you one of those companies?

To learn more about how to protect the privacy and security of your data, devices and users, see how WinMagic can cover your enterprise.