Safest Places On the Web
Computerworld - The security breaches at ChoicePoint Inc. and LexisNexis Group have us all asking the same questions: Where is my data safe? And how do I know? These are the questions I recently set out to answer, and I found some surprising results.
First, the bad news. There still isn't one widely recognized seal of approval that says a company has top-notch privacy and security. The padlock symbol on your Web browser means the session is encrypted, and Web security seals such as ScanAlert Inc.'s "Hacker Safe" mark say the Web site is protected against all known vulnerabilities. But these methods don't address the broader, organizational security practices at issue in the ChoicePoint and LexisNexis incidents.
So which companies meet this criterion? I reviewed the privacy policies of the top 50 most-visited Web sitesas measured by Jupiter Researchand the Forbes 100 largest companies in the world. It's an admittedly small sample, so I also asked Truste and my privacy professional counterparts in other organizations for their recommendations.
What did we find? This is where the surprises sprang up. (See accompanying charts.)
The largest U.S. companies are better than their European counterparts about including the European privacy principles in their online privacy notices. The EU considers the U.S. an "inadequate" destination for personal data, but you couldn't tell it by reading corporate privacy policies. Among the Forbes 100, U.S. companies comply with an average of 3.9 of the seven EU Safe Harbor principles, compared with 2.3 for EU companies.
Another surprise was the mediocre scores of the privacy policies on the most-visited U.S. Web sites. Visitors to these popular sites apparently aren't deterred by their general lack of strong privacy commitments. The typical top-50 site posts a privacy notice that addresses only 4.4 of the EU Safe Harbor principles.
I wasn't surprised that the companies with the strongest privacy policies are concentrated in the financial and technology industries, where profits depend on consumer trust in data privacy. Seventeen of the top 20 sites hail from these sectors.
- Top 3 Myths about Big Data Security : Debunking common misconceptions about big data security Big data represents massive business possibilities and competitive advantage for organizations that are able to harness and use that information. But how are...
- Magic Quadrant for Data Masking Technology IBM is a leader in Gartner Inc's Magic Quadrant for Data Masking Technology. Read the full report to learn about IBM.
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different.... All Privacy White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!