A subject near and dear to my heart. I was a victim many years ago, and let me tell you that even the slightest incident can have serious ripple effects. Everyone is truly at risk and in many cases the repercussions of traditional “sifting through your garbage ID theft” can now be felt with far less effort by the would-be theft. If users are careful and take appropriate steps like some of the items I listed above, they can weed themselves out of the pool of easy targets; a bit of “The ‘Club’ for your car” effect.
Let's discuss the enterprise for a bit. When should an organization deploy a global strategy related to privacy compliance?
Just like other security policies and compliance programs, privacy compliance should be part of enterprise risk mitigation strategy, and it deserves senior management-level discussion on a regular basis. I have seen both internal privacy policies involving holding of information about customers or employees, and external privacy policies around how an enterprise protects itself out on the open Internet either from a research standpoint involving a new product release, or even just some insurance against negative PR caused by online activity under the corporate identity. In either case, policies and the technologies that support them need to be in place ahead of the curve. Acting reactionary can serve to be a most costly mistake.
What do you see your clients most worried about?
Interestingly enough, we serve three distinct business sectors: consumers, enterprises and the government. Each certainly has their own concerns relative to what they are trying to accomplish, but they all stem from the basic concept of not leaving a digital footprint online. Our business is a balancing act of addressing known threats and working toward staying ahead of the unknown.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.