Of Privacy, Security and Compliance – Facts and Such
By Tanu Sood-Oracle on Apr 03, 2013
FACT: Live tweet chat tomorrow, Thurs, Apr 4 at 10 am PDT/ 1 pm EDT, on Privacy featuring well known Privacy expert and the Commissioner for Information & Privacy for Ontario, Dr. Ann Cavoukian along with other industry thought leaders.
OPINION: Privacy is the not the same as Security which is not the same as Compliance. And yet you need all three to not only protect your brand and to manage customer relationships but also to enable business growth via traditional, social, mobile and cloud computing channels.
OPINION: The common denominator across Privacy, Security and Compliance is Context. For Privacy, you need to be up front about what you are going to disclose, to whom, for what purpose, when and via what channel(s) and perhaps the scope of disclosure too. For Security, you need to understand authentication, authorization and administration context. Who needs access to what, when, for how long? And btw, has it been verified that you are who you say you are? If not, I’d need context for your user authentication. For compliance and audit, again the question – who has access to what, approved and administered by whom, when and what the person did with that access. So, context is key!
OPINION: Contrary to popular belief, Privacy, Security and Compliance are not at cross-hairs with business growth or user experience. Customers who know their information, interactions are secure when dealing with your organization tend to make for happy, satisfied and loyal customers. Allowing seamless yet secure access via social and mobile channels or enabling access to cloud applications securely – all part of the master plan to enable friendly user experience and customer trust intact.
OPINION: No one size fits all for defining Privacy, Security and Compliance plans. Regions, industries, business units and more all add to the mix. So, while it makes sense to build in Security, Privacy and Compliance in your architecture plans versus bolting it on afterwards, IT or Privacy teams alone can’t be the sole stakeholders.
FACT: All opinions are incidentally up for debate and discussion. We will be hosting and participating in the Privacy conversation tomorrow. Feel free to challenge us, ask your own questions and add your commentary. #PrivQA tmrw at 10 am PDT/ 1 pm EDT on twitter
FACT: We look forward to hearing from you!