SNA

HOME
NEWS

How Private is Your Data?

How Private is Your Data?

Prabhuraj Patil, Commercial Director, Physical Access Control Solutions, South Asia, HID Global

 

The world is expected to produce and consume 94 zettabytes of data in 2022 - an amount that will skyrocket to 463 zettabytes per day by 2025. (Raconteur, 2020). It’s an almost unfathomable volume of information to which each Internet user contributes about 1.7 megabytes per second or nearly 147,000 megabytes per day.


Yet very little of that data is safe from prying eyes and bad actors. By the end of 2022, cybercrime will carry an expected cost of $6 trillion rising to $10.5 trillion by 2025. It doesn’t have to be this way, however. About 80% of data breaches could be prevented with good cyber hygiene practices and education, particularly considering recent findings that about 97% cannot identify a phishing email, leaving 1 in 25 to click on them and open themselves and their data up to cyberattack.


Leaving things to chance is simply not an option, as cyberattacks have emerged as the fastest growing crime worldwide, led in the U.S. by phishing (38%) and network intrusions (32%).


Thus, in the world of data privacy, knowledge is power and regulatory compliance is paramount.


Privacy vs. Security
While data privacy and data security are related, understanding the differences is the imperative first step toward keeping the personally identifiable information (PII) hackers and other bad actors covet safe from harm.


Data security is the process by which PII is kept safe from breaches, cyberattacks and other unauthorized access. It refers to the actions taken to ensure data is accurate, reliable, available to authorized users, and safe from accidental or intentional disclosure. Data privacy, on the other hand, refers to governance – the policies and procedures that dictate how data is collected, stored, and shared.


Privacy Regulations
Worldwide, data privacy mandates are piecemeal at best. The United States, for example, does not have federal regulations governing data protections; rather individual states are passing laws to protect its citizens. This creates a complex compliance web for organizations that operate in multiple jurisdictions. The European Union (EU), on the other hand, has enacted what many consider to be the toughest and most far-reaching privacy and security laws in the world. The general data protection regulation (GDPR) applies to any company or organization that markets goods and/or services to EU residents regardless of their country of origin. The GDPR is built upon seven key principles – lawfulness, fairness and transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity and confidentiality, and accountability – that guide how PII is handled. Failure to comply can result in massive financial penalties, as Amazon discovered when it was hit with a €746 million (~$776 million) fine for carrying out advertising targeting without proper consent. Whatsapp was hit with a €225 million (~$234 million) fine for transparency violations.


Shared Responsibility
While laws and reputations can force companies and other organizations to protect PII, there remains a level of personal responsibility to not only understand risks but to also practice proper cyber hygiene rather than relying on the data privacy and security policies and procedures of others. At its most basic, good cyber hygiene is protecting what you share online, for example not advertising your planned vacation on social media and taking care not to post photos or other documents that might inadvertently reveal PII. Truly effective cyber hygiene goes beyond what you share to ensure your data is safe regardless of where and how you store it. Understand encryption levels available for personal computers, smartphones, and any other connected device, and devise strong passwords that are changed frequently. Keep software updated, which helps close any security gaps that developers are made aware of. The organizations that collect, store, and share PII are equally responsible for data privacy. Regulatory compliance – while important – should be considered the PII protection floor in most cases. It is imperative to gain a comprehensive understanding of an organization’s privacy and security practices before entrusting data to it.


Building Data Trust
KPMG shares several recommended actions organizations can take to shore up what it has identified as the four anchors of trusted analytics, which are quality, resilience, effectiveness, and integrity. These are:
Assess trust gaps by performing an initial assessment to see where trusted analytics are most needed and can therefore be the primary focus.


Clarify and align goals so the organization’s purpose for collecting data and running analytics is clear for all involved. An important aspect of this goal setting is to measure performance and impact and share that information with users.


Raise awareness of data and analytics to increase internal engagement among users, including creating a team of decision-makers and IT/business leaders for collaboration.


Build organizational expertise in analytics quality assurance.


Improve and encourage transparency by enabling independent assessments by creating cross-functional teams, third-party reviews, peer reviews, and stronger quality assurance processes.


Build ecosystems that eliminate silos and examine the value and risk that data and analytics can bring to the organization and create cross-departmental teams to build data and analytics communities.


Develop a model for innovation and incentivize employees and teams for innovative processes.


By taking a proactive approach to hardening anchors, organizations can build an environment of trust in its data privacy and security.


Function over Form
Ultimately, the most important consideration when determining the privacy and security of PII is just how high a priority it is for any organization that touches data. More user-friendly options are attractive, but they should not outrank system privacy and PII protection.
Data, especially, personal data, is of enormous value to the organizations who control it. Its protection should be paramount. Which is why individuals have the right to understand how well it is safeguarded by those to whom it has been entrusted. Most importantly, when the organization “borrowing” their data is not sufficiently transparent about its use and protection protocols, the owners have every right to be forgotten –to have their personal data deleted or “erased” upon request – when information on safeguards is not sufficiently transparent.


The best protection is to ensure PII is shared with only those who place the highest priority on its safety.

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
Quick Heal, SEQRITE and Tata Tele Business Services together to offer cybersecurity solutions to Enterprise customers
Technology

Quick Heal, SEQRITE and Tata Tele Business Services together to offer cybersecurity solutions to Enterprise customers

by VARINDIA 2023-09-22
Sophos outperforms in MITRE Engenuity ATT&CK Evaluations
Technology

Sophos outperforms in MITRE Engenuity ATT&CK Evaluations

by VARINDIA 2023-09-21
Cisco announces Secure Application, offers expanded visibility and intelligent business risk insights
Technology

Cisco announces Secure Application, offers expanded visibility and intelligent business risk insights

by VARINDIA 2023-09-15
SOFTWARE
View All
Elastic launches AI Assistant for Observability, general availability of Universal Profiling
Technology

Elastic launches AI Assistant for Observability, general availability of Universal Profiling

by VARINDIA 2023-09-21
Red Hat together with Intel to deliver Open Source Industrial Automation
Technology

Red Hat together with Intel to deliver Open Source Industrial Automation

by VARINDIA 2023-09-21
Dell intros latest generation of VxRail
Technology

Dell intros latest generation of VxRail

by VARINDIA 2023-09-20
START - UP
View All
Datacultr expands its reach to LATAM and Africa Regions
Technology

Datacultr expands its reach to LATAM and Africa Regions

by VARINDIA 2023-09-05
Indium Software Recognized as One of America's Fastest-Growing Technology Companies
Technology

Indium Software Recognized as One of America's Fastest-Growing Technology Companies

by VARINDIA 2023-08-21
HC dismisses Indian startups plea against Google's billing policy
Technology

HC dismisses Indian startups plea against Google's billing policy

by VARINDIA 2023-08-05

Tweets From @varindiamag

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

by VARINDIA
Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

by VARINDIA
Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

by VARINDIA
Start-Up and Unicorn Ecosystem
Accenture Invests in Writer to Accelerate Enterprise Use of Generative AI

Accenture Invests in Writer to Accelerate Enterprise Use of Generative AI

by VARINDIA
VIAVI wins funding for three projects in DSIT ONE competition

VIAVI wins funding for three projects in DSIT ONE competition

by VARINDIA
Comviva partners with XoXoday to revolutionize loyalty experiences

Comviva partners with XoXoday to revolutionize loyalty experiences

by VARINDIA
ManageEngine Named a Challenger in the 2023 Gartner® Magic Quadrant™ for PAM

ManageEngine Named a Challenger in the 2023 Gartner® Magic Quadrant™ for PAM

by VARINDIA
Standard Chartered Bank teams up with Cummins Technologies to digitalise incentive payments to mechanics

Standard Chartered Bank teams up with Cummins Technologies to digitalise incentive payments to mechanics

by VARINDIA
Genesys and Salesforce announce AI-powered customer experience solution

Genesys and Salesforce announce AI-powered customer experience solution

by VARINDIA
GIGABYTE rolls out two White Motherboards

GIGABYTE rolls out two White Motherboards

by VARINDIA
HCLTech to help Elders in its next phase of digital transformation

HCLTech to help Elders in its next phase of digital transformation

by VARINDIA
Tech Mahindra announces generative AI powered Ops amplifAIer for IT support engineers

Tech Mahindra announces generative AI powered Ops amplifAIer for IT support engineers

by VARINDIA
Apollo Hospitals partners with Google Cloud to boost India’s healthcare ecosystem

Apollo Hospitals partners with Google Cloud to boost India’s healthcare ecosystem

by VARINDIA