Data Policy is Fundamental for Trust

Data Policy Trust

Consumers once owned and protected their data independent of anyone else. Handwritten letters, paper bank statements, medical records locked up in a doctor’s office were once the norm. The online era of digitalization and social media has ensured this is no longer the case. The responsibility for both the security and privacy of data is rapidly becoming a joint effort between consumers, Service Providers and businesses as all three groups begin to coalesce around the concept of trust.

Reservoirs of information are being generated daily through the capture, distribution, storage, and analysis of data. IDC calls this the “global datasphere” and it is rapidly growing to a tune of 175 Zettabytes (ZB) by 2025 up from 33 ZB today. There is a massive multiplier effect also taking place as data creates data unto itself and can start to become far removed from the person impacted by it or making decisions with it.

We can all agree in order to make good decisions, you need good data. However, questions about the process have begun to emerge: Can I trust the data? Can I trust how it was collected? Can I trust how it was distributed? Can I trust how it’s stored? Having faith in the systems that touch the data every step of the way is essential. We used to take it for granted, yet major corporations have recently shown us how easily it can be abused. Now more than ever, organisations need to demonstrate they understand the seriousness of this responsibility with the actions they take. Respect for policy and respect for privacy will be a big part of the decisions on where to place data moving forward.

Cloud providers, social media companies, data center providers, businesses, and even governments, all need policies that put security by design and privacy by design as the fundamental pillars to build upon when it comes to protecting data. Consequences will be catastrophic if we don’t do the right thing in the right way in the right order.

Security by design comprises of the policies and procedures data center operators put in place to ensure the campus is safe from external threats and attacks. This includes the physical components of data center that need to be protected from any sort of theft or malicious attack –  the connectivity, infrastructure, cabinets, etc. There are many long standing best practices in this field that make this pillar no less complex, but certainly more straightforward.

Privacy by design, on the other hand, needs to secure the data you can’t physically see. It’s not just protecting data from bad actors with dishonorable intentions either. It also needs to take into account human error in both individuals and within companies. Human nature is to make mistakes, but organizations need to have an awareness of those mistakes and understand the impact to society. It can’t be 100% accurate all the time, nor should the expectation be that.

When you look at flying in an airplane or driving a car, mistakes happen that can have deadly consequences, but society still carries on using those modes of transportation. Over the decades the aviation and automobile industries have had to figure out how to make transportation safer. We never expected people to stop driving or flying.

It should be the same in how we think about our data. Data will continue to be created. It’s not realistic to think individuals will stop using devices to prevent that from happening. However, it is up to the content generators, service providers, data center industry, etc. to determine how to make it safe for everyone to use. Consumers also need to not just tick the box when the terms and conditions pop up on a website. They have a duty to better educate themselves on what they are willing to give up in order to take advantage of the conveniences that are readily available. This is the foundation for building trust in a digital age – a responsibility we all share.

By Garry Connolly

Dmitry Chekalin
How Much Should a Modern Website Cost? A website is a valuable instrument for growing your business. Your website presents your brand to users. Also, it compels your prospects to become your customers. So, how ...
Rahul
How to Start Your Cloud Career Cloud computing is the present. And it is the future as well!! In fact, a quote by Chris Howard says, ‘Cloud Computing is a spectrum of things complementing one ...
Cloud Image Migration
Effective Cloud Migration Monitoring The global pandemic witnessed the digital transformation of businesses in the cloud.  Today, even as the world resumes to normal, the end-to-end innovation in business strategies has kept the momentum going ...
Gary Bernstein
Using Data to Gain Advantages Data collection is now omnipresent in every sector of the global economy. Several aspects of modern economic activity would not be possible without it, just as it would not be ...
Alex Vakulov
Ransomware Database Targeting The scourge of ransomware is undoubtedly the most severe cyber security concern for home users and organizations these days. It revolves around taking important data hostage and demanding money, usually hard-to-trace cryptocurrency ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.