At a time when end-users are demanding more accountability and trustworthiness from organizations about how their data is used and accessed, it’s time for IT leaders to evaluate the importance of data collection, compliance and the challenges of securing data in the increasingly complex regulatory landscape.
According to the Pew Research Center, 79% of Americans report being concerned about how companies use their data. Since there is no U.S. law covering privacy for all types of data, existing data privacy laws are constantly changing, creating confusion and complexity among tech companies trying to follow them. In addition, the hybrid work model has also significantly changed the privacy game. That’s why we asked security leaders how companies should improve their privacy regulations to keep data private.
Here are their top 5 recommendations:
1. Split Silo and Aggregate Data into One Repository
“IT companies must break down their silos of personal information, consolidating them into a repository that is visible to the entire business. Companies can continue to monitor to determine risks or violations of compliance with many regulations that they must follow.They also make it easier to monitor customer data requests to ensure a timely and accurate response.Having a consistent, repetitive process in place is allows companies to measure and adapt to change more easily and effectively communicate at all levels.Reducing redundancy, time consuming, and inconsistent manual processes to integrate integrating regulations and verifying compliance increases efficiency and lowers cost. ”
Vasant Balasubramanian, VP and GM of risk, ServiceNow
Vasant Balasubramanian, VP and GM of risk, ServiceNowSee More: Golden Copy: The Key to Strengthening Your Backup Strategy
2. Work with Leadership to Run Regular Data Privacy Laws Compliance Checks
“IT and security teams can work with their company’s management to use functions such as compliance checks to ensure they comply with new data privacy laws. Effective IT teams need more than just subject matter expertise-they need to understand the role of security in the growth of the business and its interaction with the rest of the organization, and how the law affects their operations. . Implementing technology solutions to automate routine security functions can improve productivity by allowing the team to focus on its primary responsibility of protecting the organization against cyber threats, while maintaining a close eye on how local and regional laws are evolving. “
Anant Adya |, SVP of cloud, infrastructure and security (CIS) services, InfosysSee More: Worried About Online Privacy? Check out these 5 Privacy-Centric Browsers
3. Emphasize Regulatory Alignment for Improved Data Privacy Compliance
“Tech companies need to shift their focus to data sovereignty clouds to keep data within their geographical location. For many companies, the rising pressure to respect data privacy is seen as an obstacle, but consumer privacy becomes the core of the business strategy once implemented.
Meeting the new legislative requirements is the responsibility of every business, and ultimately it is the responsibility of CIOs and business leadership. Organizations need to navigate data control (of which many models of shared responsibility are placed on tenants) and efficiency; in the economy to match business needs. This means that our digital economy will require more regulatory alignment to drive improved compliance, service levels, and cloud economics to give way going forward. “
Rick Vanover, senior director of product strategy, VeeamSee More: 6 Ways To Recover Data From Ransomware Attacks
4. Make the New Privacy Regulations an Opportunity Instead of a Restriction
“Compliance is a top priority in 2022. In addition to strict compliance, the focus will increasingly be placed on data management and data quality programs, with workflows in place to identify data loops and more. more potential problems. Historically, data management has fallen into IT, but to make the new regulations an opportunity rather than a restriction, all business leaders must be prepared to manage an implicit contract with customers – a changing the value of personal data for a relevant and personalized customer experience. Focusing on preferences and quality management will greatly help to meet both legal and customer expectations for data. “
Stephen Zisk, senior product manager, Redpoint Global5. Strengthen Data Protection Efforts By Understanding How Data Is Processed
“From a software producer’s perspective, changing data protection law is particularly difficult without a clear understanding of how data is processed by various elements in our software supply chains. For example. , if you consider a software library created by a supplier that logs its activity, it is quite possible that those log entries may contain data that is considered sensitive under that particular law. knowing what software capabilities exist within the software supply chain is essential to data protection and software security efforts. ”
Tim Mackey, principal security strategist, Synopsys Cybersecurity Research CenterSee more: Why Security Is Not Equal to Privacy
Which of these tips do you implement in your organization? Comment below or let us know LinkedIn, Twitter, o Facebook. We want to hear from you!
MORE DATA PRIVACY: