DATA SOVEREIGNTY

Data Sovereignty: the ONLY truly safe path to avoid Privacy Shield turmoil

DATA SOVEREIGNTY India is following Russia and others in imposing data sovereignty restrictions that specify that data must remain in country. Meanwhile the European Parliament has called for the suspension of Privacy Shield from 1st September. How should ethical, customer-centric organisations respond? India is just
How to Transform Your Operating Model for the Cloud

How to Transform Your Operating Model for the Cloud

Transform Your Operating Model It can be tough for established organizations to embrace change, so when they start working with cloud-based technology, they're bound to encounter hurdles. While some companies transform themselves, others lag behind. So what gives? In truth, it’s not so much about the

CONTRIBUTORS

Machine Learning Explained: Understanding Supervised, Unsupervised, and Reinforcement Learning

Machine Learning Explained: Understanding Supervised, Unsupervised, and Reinforcement Learning

Machine Learning Explained Once we start delving into the concepts behind Artificial Intelligence (AI) and Machine Learning (ML), we come ...
The ID Federation: What Technology Can Displace The Password?

The ID Federation: What Technology Can Displace The Password?

The Future Password Many people shout that the password is dead or should be killed dead. The password could be ...
Cyber Criminals and the Business Insider

Cyber Criminals and the Business Insider

Cyber Crime Business Insider You’re on the morning train on the way to work and take a look at the ...

RESOURCES

Machine Learning Open-Source Tools

Do More With Machine Learning Thanks to These 6 Open-Source Tools

Machine Learning Open-Source Tools We are in the middle of a machine learning, AI and big data renaissance — at least, that’s what we’re calling it. Seemingly everyone is interested in this technology these days, and for a good reason ...
Infographic - Internet of Things (IoT) Will Be Top Technology Investment

Infographic – Internet of Things (IoT) Will Be Top Technology Investment

Internet of Things Investment Investors are jumping all over the opportunities abound when it comes to the Internet of Things and Big Data. There is simply way too much money at stake to ignore the potential that is going to truly ...
Key Findings of the 2018 IDG Cloud Computing Study

Key Findings of the 2018 IDG Cloud Computing Study

IDG Cloud Computing Study The results of the 2018 IDG Cloud Computing study highlight how interest in the technology isn’t fading and a growing number of companies are embracing it or at least want to do so. The survey, which ...
Daren Glenister

Data Privacy Day (Cue The Parade)!

Data Privacy Day

On Sunday, January 28, the United States, Canada, India and 47 European countries will celebrate Data Privacy Day, an international day established to raise awareness of the importance of data protection and to promote privacy and data protection practices. But did you know that the roots of this day didn’t first grow in American soil? The Council of Europe initiated the first European Data Protection Day in 2007. Then, in 2009, the U.S. House of Representatives passed a vote declaring January 28 as National Data Privacy Day annually.

The point of Data Privacy Day is to make individuals and companies aware of who is holding personal data and what are they doing to protect it. For companies, it is an opportunity to promote trust between them and their customers to protect data at all times. While this day isn’t yet as well-known and celebrated as some other major holidays, the message behind it is strong: all business and customer data is important and must be protected.

How does Data Privacy Day affect individuals?

Most individuals aren’t aware of what personal data of theirs is being captured and how it’s being used. Data isn’t exclusive to what people are voluntarily sharing online through social media platforms like Facebook and Twitter. Organizations constantly gather data on their customers (i.e. their shopping habits, airline seating preferences, etc.) and their Personally Identifiable Information (PII) (i.e. social security numbers, tax filing and return information, and medical records) – all of which must be protected continuously.

We all click on User Licenses when we install software or check the mailing list button on a website, but how many of us really know what data is being held and how companies are using it? For individuals, Data Privacy Day is a way to educate everyone on taking responsibility for their own data.

Are there misconceptions about cloud-stored data?

Data Privacy Day

One big misconception is that data in the cloud is not secure. In most cases, data in the cloud is more secure than data outside of it. There is a massive, ongoing shortage of cyber and security resources worldwide so all/every resource available needs to be leveraged as part of an organizations’ security portfolio. Some cloud vendors have the security resources that many IT departments don’t have or can’t afford, creating an extra layer of security to protect the data. That said, not all cloud vendors are created the same, so due diligence needs to be performed.

How can cloud providers make sure data stays safe?

With the onset of General Data Protection Regulation (GDPR) in May 2018, organizations that conduct business in Europe have to take a serious look at how they protect PII and how well that data is secured. They are also required to gain permissions before using data for purposes other than the original intent. As a result, many organizations will have to provide more information about what data they hold and how they protect it.

GDPR will force organizations to enact several improvements in the coming months, including:

  • Understanding where PII data is held, how is it processed, how it is protected, and who has access to it
  • Encryption of data in all stages (at rest, in use, and in transit)
  • Revising internal processes to protect who has access to PII data within a company and ensure it is on a “need to know” basis
  • Revising current data retention policies to ensure only the data needed is stored
  • Implementing the ability for a customer to be forgotten. This will be a major undertaking for most companies but will result in substantial fines for organizations found in breach of GDPR.
  • Providing customer service capabilities to respond to customers who call to ask about their data or to be forgotten. This will be a major cost for companies going forward.

Any recommendations for anyone worried about data privacy and safety?

If you’re worried about your data (what’s being held and how it’s protected), you should first contact the vendor holding the data to ask what is being held. Then, take steps when providing your data either in-person or online – make sure you understand what data is being captured and how it is being used. We don’t have to become lawyers and read every contract, but at least be aware of the collection statements when entering data. When you have to provide data, be careful about what you opt to share and – if possible – share the minimum.

Thoughts on Data Privacy Day

Data Privacy Day is a great awareness tool and sparks much needed conversations both for individuals and organizations. Educating individuals and organizations on how to protect data is the first step in the battle for data privacy. The true data privacy lessons will come from enforcing regulations such as GDPR or when organizations attacked by cyber criminals quickly take action to fix the lack of data security practices. We need to take responsibility as individuals to protect our data. For those of us in IT, we need to think data protection in all that we do.

By Daren Glenister

Daren Glenister

Daren is the Field Chief Technology Officer for Intralinks. Daren serves as a customer advocate, working with enterprise organizations to evangelize data collaboration solutions and translate customer business challenges into product requirements.

Glenister brings more than 20 years of industry experience and leadership in security, compliance, secure collaboration and enterprise software, having worked with many Fortune 1000 companies to turn business challenges into real-world solutions.

View Website
The Lighter Side Of The Cloud - FOG
The Lighter Side Of The Cloud - Car Troubles
The Lighter Side Of The Cloud - Disaster Recovery

Cloud Community Supporters

(ISC)²
Cisco
SAP
CA Technologies
Dropbox

Cloud community support comes from (paid) sponsorship or (no cost) collaborative network partnership initiatives.