privacy please sign in hotel door

Many of the recent data breaches that have affected high-profile companies have presented consumers, organizations and privacy professionals with the same question: Is data truly the new money?

Some companies say it is, and they are beginning to accept personal information in lieu of money. One example of this is a cafe near Brown University that offers students free coffee in exchange for their personal information — including their names, phone numbers, email addresses and college majors. But consumers, companies and privacy professionals are also facing another related question: If data truly is the new money, shouldn’t we be treating personal information with the same level of care that we treat cash?

While many companies, including Facebook and Google, have offered largely free services in exchange for the data they harvest from their users, other organizations, like Apple, have taken a different approach. Apple, for instance, touts its privacy ecosystems as a competitive advantage — and in fact, privacy may be one of the most attractive features for Apple’s loyal customer base. 

That customer loyalty is due in part to Apple’s claims that it has a closed privacy ecosystem and that it maintains strong control over its partners and takes a hard, consistent line in protecting its customers’ privacy.

Related Article: How to Address Consumer AI Privacy Concerns

Make Privacy and Security a Priority

No matter what type of organization you work for, it’s likely that you will face complex decisions about how and to what extent you should protect the personal information of your customers and employees. Privacy and security are neither free nor easy, but both are something that the entire organization — from the top down — needs to prioritize in order for data to be as protected as possible. At the end of the day, companies must ensure not only that information is available to those who should have access to it, but also that it is protected from those who should not.

Traditionally, best practices for security have focused on building walls around the perimeter of an organization’s data to keep people out and information in. But the challenge with this approach is that you’re always in defensive mode to protect against potential cyberattacks and data breaches.

Related Article: Why Enterprises Are Looking to Blockchain for Better Data Privacy

Take a Holistic Approach to Security and Privacy

While this kind of perimeter-based security is important, it’s only one component in developing a more robust, layered approach. Organizations must also look at their information from a holistic standpoint. At rest or in motion, data doesn’t just flow in and out of an organization. Instead, it flows through a number of gateways, including file shares, websites, web applications and various communication systems. By thinking holistically about how data moves through their companies — and how they can manage that data from a compliance and data classification standpoint to maintain visibility and control — organizations can better protect their information and help prevent cyberattacks.

How can organizations ensure that they implement a data privacy and security plan that is automated and targeted toward all of their needs? Creating an overarching system across all of their various information gateways will allow organizations to achieve compliance and prove that they have done so — whether they need to offer that proof internally or to auditors or regulators.

If you follow such a strategy, you will be able to begin to define your privacy and data policies by understanding where your sensitive data lives within your IT systems — and which systems contain this type of sensitive information, and which do not.

In today’s data-breach-prone landscape, concerns around information security, privacy, surveillance and access have never been more prevalent. With this in mind, businesses must work hard to earn the trust of their customers. Because once that trust is lost, it’s very difficult to regain.

To avoid losing their customers’ trust, organizations must put proper security and privacy measures in place to protect themselves from falling victim to a data breach or cyberattack.