Fortify Your Data Privacy
eBook - ePub

Fortify Your Data Privacy

Michael A Hudak

About This Book

What is data privacy? Why is it important? How much is your data worth? What exactly is data? Why is data privacy constantly in the news? The world has changed into a data-centric environment. It is important to learn how you can fortify your data privacy.


Fortify Your Data Privacy takes a deep dive into the world of data privacy, and how data privacy pertains to you and your business as we engage with big tech giants Google, Amazon, and Facebook. This book is part of the Fortify Your Data brand. Fortify Your Data’s mission is to help educate everyone who uses technology. Find out more at fortifyyourdata.com

Information

Publisher: Michael Hudak
Year: 2019
ISBN: 9781647130879
Edition: 1
Chapter 1
Understanding Data
What is data?
Before we get into data privacy (which is exactly what it sounds like it is), we should take a good look at what the term data means today. Data, as defined by Merriam-Webster, is one of three things:
  • Factual information used as a basis for reasoning, discussion, or calculations.
  • Information in digital form that can be transmitted or processed.
  • Information output by a sensing device or organ that includes both useful and irrelevant or redundant information and must be processed to be meaningful.
These are all valid. You can generalize and combine these definitions further to simply this: data is information.
While data as it is used today generally has a technological connotation to it, data does not have to be on a computer screen to be data. Data is data. A filing cabinet with manila folders of physical paper is a form of data storage, no different from an external hard drive. Equally important to note is that there are pros and cons to having your data physically stored or digitally stored. Each also has its own challenges when it comes to security. Both are targets for thieves, because data has value.
The data that is most frequently targeted is the data that is easiest to extract money from. This includes, but is not limited to, credit card information, social security numbers, bank account information, cryptocurrency wallet keys, health care records, and more. These examples are typically the first things that come to mind when people think about notorious computer hackers breaching servers to get information. Things are changing in the hacking landscape at an extremely rapid rate, and the same is true for what data hackers can monetize.
Some data is not stolen, but given away willingly (or unknowingly) by the many consumers who accept the terms of service without reading them. The innovations that social media platforms and other internet companies seem to offer for free do, in fact, have a cost. That cost is your personal data. Whether it is your searching habits and history, your contacts in your phone, or even your email conversations – that data, your personal data, is up for grabs and offered to the tech giants to whom you give your patronage.
While many people seem to be peripherally aware of the lack of data privacy on platforms such as Facebook, Google, and Amazon, many do not seem to understand the amount of data that these tech giants hold. In later chapters, we will take a deep dive to broaden your understanding of what data is being targeted, where that data is going, and how it is used to generate profit for those that broker your data.
Chapter 2
Data privacy
What is data privacy?
Like ‘data’, ‘data privacy’ is a term that has been around for a really long time. It’s not new. Yet, we find ourselves in a society that has a reinvigorated interest in data privacy. So what exactly is data privacy?
Data privacy relates to how a piece of information—or data—should be handled based on its relative importance. For instance, you likely wouldn’t mind sharing your name with a stranger in the process of introducing yourself, but there’s other information you wouldn’t share, at least not until you become more acquainted with that person. Open a new bank account, though, and you’ll probably be asked to share a tremendous amount of personal information, well beyond your name. There are countless situations people can find themselves in, and with those situations, there is a very large spectrum of ‘what data you are willing to offer up’.
In the digital age, we typically apply the concept of data privacy to critical personal information, also known as personally identifiable information (PII) and personal health information (PHI). This can include Social Security numbers, health and medical records, financial data (including bank account and credit card numbers), and even basic, but still sensitive, information, such as full names, addresses and birth dates. The list of personal information can be extensive, and the list of ways other companies can profit off that information is just as extensive, if not greater.
For a business, data privacy goes beyond the PII of its employees and customers. It also includes the information that helps the company operate, whether it’s proprietary research and development data or financial information that shows how it’s spending and investing its money. Business leaders have a lot to be concerned about losing. Some businesses like Coca-Cola have very guarded secrets, such as the recipe to Coke. That is information that can be stolen. All businesses have customer lists and contracts. That is also information that can be stolen. Imagine being a business that lost that data. What would you do? Would you be concerned or just ignore the problem? What if someone held that information ransom?
Why is data privacy important?
When information that should be kept private gets in the wrong hands, bad things can happen. A data breach at a government agency can, for example, put top secret information in the hands of an enemy state. A breach at a corporation can put proprietary data in the hands of a competitor. A breach at a school could put students’ PII in the hands of criminals who could commit identity theft. A breach at a hospital or doctor’s office can put PHI in the hands of those who might misuse it. Very rarely will a breach result in a non-issue. In the cases where it might appear there is no issue, that is just a sign that you are not aware of what has been compromised. There are many drivers for why data privacy is one of the most significant issues globally. Let’s take a look at some of the largest factors.
Today, everyone in the tech space seems to acknowledge that data is one of the most valuable assets a company or an individual has, but it’s important to keep in mind it always has been. With the rise of the data economy, companies find enormous value in collecting, sharing, and using data. Companies such as Google, Facebook, and Amazon have all built empires atop the data economy.
Transparency in how businesses request consent, abide by their privacy policies and manage the data that they’ve collected is vital to building trust and accountability with customers and partners who expect privacy. Many companies have learned the importance of privacy the hard way, through highly publicized privacy fails (more on this later). Second, privacy is the right of an individual to be free from uninvited surveillance. To safely exist in one’s space and freely express one’s opinion behind closed doors is critical to living in a democratic and free society.
One of the greatest issues with transparency that we face today is that it is the antithesis of privacy. Complete transparency exists in technologies brought to us by blockchain and cryptocurrencies; however, that is not conducive to keeping certain information private. There will always be information that should and needs to be kept private. One solution to this is to have a ‘centralized trusted broker’ for private data. But it raises the question: ‘who is qualified to be that trusted broker of information?’
Data privacy and Data security
Organizations commonly believe that keeping sensitive data secure from hackers means they’re automatically compliant with data privacy regulations. This is not the case.
Data Security and data privacy are often used interchangeably, but there are distinct differences:
  • Data Security protects data from compromise by external attackers and malicious insiders.
  • Data Privacy governs how data is collected, shared, and used.
Imagine a scenario where you’ve gone to great lengths to secure the personally identifiable information (PII) of someone on your network. In this instance, the data has been encrypted, access has been restricted, and multiple overlapping monitoring systems have been set in place. If, despite all of these measures, the PII was collected without proper consent, you could still be violating a data privacy regulation even though the data is secure.
Data privacy cannot exist without data protection. With that having been said, you can have data protection without data privacy. Any lock made by man can be broken by man. Always keep in mind that you cannot have data privacy without data protection.
Ensuring data privacy means that you’re not the company that collects all of your customers’ personal data – whether it is with passive location tracking, apps secretly absorbing your personal address book, or websites recording your every keystroke.
Employees must be regularly trained on data protection, so they understand the processes and procedures necessary to ensure proper collection, sharing, and use of sensitive data. You will always encounter human error. No amount of training will keep all employees from being phished or scammed at all times. Because of this, it is important to consider restrictions on who can access each device and each piece of information on the network. For example, the receptionist does not need to have access to any servers containing billing information. In most cases, the receptionist won’t have been specifically given access to the billing server, but they may unknowingly have access to it. That access is what needs to be mitigated.
Information privacy also encompasses the regulations required for companies to protect data. As the demand for more data protection regulations grows worldwide, global privacy requirements and demands will also expand and change at scale. However, the one constant is a desperate need for adequate data protection. This is the only way to ensure that companies are both complying with the laws at all levels in addition to guaranteeing informa...