Manage Learn to apply best practices and optimize your operations.

Personal online security: The role compliance professionals play

Personal online security paranoia is at an all-time high, so we've gathered our best tips to ease your compliance nerves and get you back in business.

The recent National Security Agency (NSA) scandals have plunged professionals across all industries into a data security conundrum, and IT organizations in particular are really feeling the heat. Individuals are concerned that their personal online privacy has been violated, and want assurances from organizations that the personal information they've shared is secure.

Organizations large and small are revisiting their security and compliance measures, with the mind-set that employee information accessibility, unclear contract wording and data storage in the cloud could all endanger data security. In addition, new regulations and rulings are changing the game, putting cloud programs and providers front and center.

We've searched our sister sites for articles that tackle all things IT compliance and security. These case studies, legal tips and nuggets of professional advice can help your organization map out where you're most prone to risk and damage. By calming those security and compliance anxieties, your organization can get back to business.

Using employees as added security measures

Citing the manhunt for the surviving Boston Marathon suspect, SearchCIO Executive Editor Linda Tucci recounts the moment-by-moment details one man provided via his Twitter account, despite not being an officer or reporter or even located in Boston! How was this possible? He'd breached the police scanners, tapping into a constant feed of information that he immediately and continuously relayed to the public, sans filter. That's how people receive information in today's "e-life," where expectations of privacy seem to be a thing of the past. Organizations must strategize around security protection and educate employees to be "firewalls" charged with safeguarding private data.

Why a privacy policy alone won't get the job done

According to the Federal Trade Commission's newest recommendations, most organizations' privacy plans just won't cut it in the event of a data security breach. Companies with mobile apps or websites, in particular, should be aware of the federal agency's recommendations for solidifying privacy policies. We've listed those criteria and, more importantly, the actions organizations should take to ensure personal data is safe, secure and compliant, especially when it's transmitted via a website or mobile app. Doing more to prevent a security breach than posting a privacy policy can save your company financial and legal pain. And that feeling that your private data is safe and secure? Priceless.

NSA surveillance leads to tighter data privacy policies

The NSA scandals no doubt have organizations and consumers concerned about their private data and personal online security, as well as what it means to violate privacy these days. One media publication, Money Crashers Personal Finance, took the opportunity to make its nondisclosure agreements with employees, business partners and third-party vendors as clear and concise as possible. According to Money Crashers' head of IT, this change began with business leaders, and their determination not to "put blind trust" in their employees. This article shows that being "paranoid" can lead to positive changes in your data privacy policy.

Government service publishes criteria to ensure 'user trust and respect'

"User trust and respect" is the foundation on which the U.K.'s Identity Assurance Programme Privacy and Consumer Advisory Group is being developed. The group's goal is to provide expert advice and assistance to government IT departments, ensuring that user privacy and protection are at the forefront of newly forming operations. The release of the latest version of the group's Identity and Privacy Principles gives organizations nine criteria on which to base their user security strategies -- promoting transparency and confidence in security and compliance operations and, ultimately, their user relationships.

How a multinational polling confirms worldwide online privacy concerns

Consumers worldwide are expressing concerns about whether large companies are protecting their personal online security adequately, and they want government regulators to moderate organizations' massive collection of data. British research consultancy ComRes performed a 10,000-person poll evaluating security concerns, and a staggering 75% of participants responded that they're anxious about online privacy. ComputerWeekly has reviewed the research, and concluded that fears about Big Brother -- and the need for online watchdogs -- are increasing.

Dig Deeper on Risk management and compliance

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

Are employee security breaches a main concern in your organization?