Q&A: Views on Privacy and Identity Theft
by Mirko Zorz - Tuesday, 12 August 2008.
Let's discuss the enterprise for a bit. When should an organization deploy a global strategy related to privacy compliance?

Just like other security policies and compliance programs, privacy compliance should be part of enterprise risk mitigation strategy, and it deserves senior management-level discussion on a regular basis. I have seen both internal privacy policies involving holding of information about customers or employees, and external privacy policies around how an enterprise protects itself out on the open Internet either from a research standpoint involving a new product release, or even just some insurance against negative PR caused by online activity under the corporate identity. In either case, policies and the technologies that support them need to be in place ahead of the curve. Acting reactionary can serve to be a most costly mistake.

What do you see your clients most worried about?

Interestingly enough, we serve three distinct business sectors: consumers, enterprises and the government. Each certainly has their own concerns relative to what they are trying to accomplish, but they all stem from the basic concept of not leaving a digital footprint online. Our business is a balancing act of addressing known threats and working toward staying ahead of the unknown.


Credential manager system used by Cisco, IBM, F5 has been breached

Pearson VUE is part of Pearson, the world's largest learning company. Over 450 credential owners (including IT organizations such as IBM, Adobe, etc.) across the globe use the company's solutions to develop, manage, deliver and grow their testing programs.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Nov 25th