How to Implement a Cloud Privacy by Design System

 
 
By Karen A. Frenkel  |  Posted 06-03-2015
  • Proactive, Not Reactive; Preventive, Not Remedial

    CASB providers should define privacy controls that operate across all apps and across the organization. It's much harder to set privacy measures once a cloud app or system is already in use.
  • Privacy Is the Default Setting

    Make privacy the default setting with cloud apps and services and CASB software, particularly the auditing capabilities. The CASB software should protect private user information, including cloud app access and activities, from IT administrators.
  • Privacy Embedded Into Design

    User privacy controls should be core to system design, not bolted on, to make sure they work seamlessly. Mash-ups of applications and loosely integrated cloud apps can make that hard, but CASBs can monitor for privacy-oriented data loss and automatically encrypt such data.
  • Full Functionality: Positive Sum, Not Zero Sum

    The same features that protect sensitive business data, like intellectual property, should also protect employee or customer data. CASB software should protect privacy as much as it strives for security.
  • End-to-End Security

    The type of data to be stored and protected is not the only consideration; duration is important, too. CASB software should not retain any customer data and should only retain metadata needed to provide security and privacy controls.
  • Visibility and Transparency: Keep It Open

    It's important to include users in formulating the solution rather than dictating policy to them. Communicating about what cloud activity is being monitored and enforced is vital to keeping them happy.
  • Respect for User Privacy: Keep It User-Centric

    Above all, privacy and security controls should be user-centric and respect the employee experience. CASB software should generate automated user coaching messages explaining policy and provide users with an alternative to their activity.
  • Wrapping Up

    With the proper use of CASB software and by following the Privacy by Design framework, you can ensure that employees safely and confidently use cloud apps to get the job done while still respecting privacy.
 

In 1995, the concept of Privacy by Design was introduced in the report, "Privacy-enhancing Technologies," written by a joint team of Canadian and Dutch government computer scientists. Its goal was to take privacy into account during systems engineering and instill well-defined human values throughout. A new breed of vendors, Cloud Access Security Brokers (CASB), is cropping up to monitor security in the cloud. Rajneesh Chopra, vice president of Product Management at cloud security firm Netskope, said there's friction between employees and IT administrators over the use and control of cloud apps. "The impulse for IT is to lock down unsanctioned, or shadow IT, cloud apps, but that may interfere with the work of employees who are increasingly using cloud apps to improve their processes and capabilities…IT departments are turning to software that helps monitor the use of apps and enforces corporate data policies (creating tension between IT admins, and employees) who want to do their job without worrying about data privacy." Chopra discusses what to expect from CASB vendors in their effort to provide security and privacy in concert with the seven principles of Privacy by Design.

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.