If orange is the new black, then privacy is the new security — or at least security’s indispensable accessory. We can thank the Facebook/Cambridge Analytica debacle for raising the awareness of just how important digital privacy is. And the fact that 2017 saw a doubling of cybersecurity attacks just brings the whole dystopian data-privacy fiasco into sharp relief.
Data privacy benefits everyone. If an organization takes privacy seriously, it will put measures in place to prevent data exposure – benefitting the entire user base as well as the organization itself. Conversely, the respect shown by doing so should go towards creating better customer relationships and building trust.
So what can organizations do to ensure that they play their part in enhancing data privacy?
1) Minimize What Data You Collect
Data minimization is the first step towards an all-encompassing approach to data privacy. If you don’t need it, don’t collect it. This action reduces the privacy overhead of a system and is sometimes referred to as the “minimal dataset,” or MDS.
The minimal collection of data usually impacts the collection of personal data such as name, address and so on. For example:
- Don’t collect name prefixes such as Mrs. or Mr. unless required
- Ask yourself: do you need to know a person’s full address; could a country or state location suffice?
- Do you really need a full date of birth, or will age range do?
Data minimization also extends to any questions asked in, for example, a survey. Avoid collecting sensitive information in such surveys — if you don’t need to ask for personal data during a survey, don’t.
Reducing the amount of sensitive or personal data you collect is beneficial for both your customers and your business. If you don’t have something, you don’t have to look after it.
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Susan Morrow. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/i7kiECSXeQc/