Imagine this grim scenario: An armed gunman opens fire on a crowd before turning the weapon on himself. When police arrive at the scene, they find the suspect’s smartphone and, seeking clues to his motive, use the dead man’s fingerprint to unlock his device and access the information inside.
Most people might agree it’s ethical for law enforcement to unlock the phone in this specific situation. But what if—instead of a shooting suspect—police used the fingerprint of a victim or someone alive but unconscious from drug use. What would that mean for data privacy and data ethics at large?
From identifying rights and setting permissions to developing protection and keeping up with cyberthreats, the world of personal data is a complex new territory with more slippery slopes than most organizations are prepared to handle.
Navigate a new world of data privacy
While tracking down a suspected serial killer using their personal data is gratifying (as was the case with the Golden State Killer), it sets a broad precedent and begs the question: Who deserves permission to access others’ data? How is transferred data protected? And, in cases like the Cambridge Analytica debacle, what happens when innocent bystanders’ data is caught in the crossfire?
Each new case of data misuse and negligence raises more questions than answers, and legislators are struggling to keep up. In many ways, organizations are only beginning to understand the gravity of their responsibilities and the potentially ruinous consequences of making a mistake when collecting and storing data.
While the debate over civil liberties in the digital age roils on, IT professionals have to contend with yet another facet of the data privacy conversation. In the wake of the General Data Protection Regulation (GDPR) and other compliance requirements, the herculean task of protecting customer data now rests squarely on the shoulders of IT.
Ease the data privacy headache
While the rest of the world hashes out ownership, permission, and data consent, IT pros are burdened with making sure their organization doesn’t make headlines with the next public breach. With evolving compliance regulations and a building full of users who aren’t always up to date on the latest mobile security best practices, protecting data is a tall order. Here are a few tips to help you wrangle your data and keep sensitive information safe:
- Hold regular, mandatory security trainings. Anyone who brings an unsecured device into your environment or opens the wrong email could put your company at risk. Make sure all employees are well versed in security best practices and compliant with your mobile security guidelines.
- Secure all endpoints. When was the last time you took inventory of all your endpoints to eliminate potential vulnerabilities? It might be time for an IT infrastructure checkup.
- Don’t forget data in transit. Users are sending and receiving data all day long. Are all those methods safe—even data sent to the printer?
When it comes to data privacy in the digital age, IT pros are not only charged with guarding information but also with leading the way into this largely uncharted territory. While it still might not be clear who should be allowed to access other people’s data, keeping your customers’ data well protected will help you rest just a little easier.