How to Implement a Cloud Privacy by Design System

By Karen A. Frenkel

Proactive, Not Reactive; Preventive, Not Remedial

CASB providers should define privacy controls that operate across all apps and across the organization. It’s much harder to set privacy measures once a cloud app or system is already in use.

Privacy Is the Default Setting

Make privacy the default setting in cloud apps and services and in CASB software, particularly in its auditing capabilities. The CASB software should protect private user information, including cloud app access and activities, from IT administrators.

Privacy Embedded Into Design

User privacy controls should be core to system design, not bolted on, to make sure they work seamlessly. Mash-ups of applications and loosely integrated cloud apps can make that hard, but CASBs can monitor for privacy-oriented data loss and automatically encrypt such data.

Full Functionality: Positive Sum, Not Zero Sum

The same features that protect sensitive business data, like intellectual property, should also protect employee or customer data. CASB software should protect privacy as much as it strives for security.

End-to-End Security

The type of data to be stored and protected is not the only consideration: duration is important, too. CASB software should not retain any customer data and should only retain metadata needed to provide security and privacy controls.

Visibility and Transparency: Keep It Open

It’s important to include users in formulating the solution rather than dictating policy to them. Communicating about what cloud activity is being monitored and enforced is vital to keeping them happy.

Respect for User Privacy: Keep It User-Centric

Above all, privacy and security controls should be user-centric and respect the employee experience. CASB software should generate automated user coaching messages explaining policy and provide users with an alternative to their activity.

Wrapping Up

With the proper use of CASB software and by following the Privacy by Design framework, you can ensure that employees safely and confidently use cloud apps to get the job done while still respecting privacy.
