CSO - Thanks to the explosion of social networking and all those nifty Web apps people use to bank and shop online, the bad guys now have an endless supply of attack vectors to steal personal data. In fact, some security industry experts have declared privacy dead.
Whatever the case may be, companies are increasingly under the regulatory gun to keep customer, employee and supplier data safe from prying eyes. At the CSO Security Standard Tuesday, attendees got a taste of what General Electric is doing to meet the challenge.
Nuala O'Connor Kelly, senior counsel and chief privacy leader for GE, started with a question for the audience: What is privacy? Answer: The right-ability to CONTROL how your personal information is used.
The trick for GE is the same as it is for most organizations -- how to achieve security without setting off animosity someone might feel about being violated.
An example of the delicate balance is the new TSA body scanners. We want to be safe on the airplane, but we don't want to be the one to walk through those new, very revealing scanners. This can present a challenge for companies that rely on extensive business travel.
In the world of social networking, the privacy is in the user's control in that they have a choice as to which details they include in something like a Facebook profile page. In that case, people have a habit of revealing too much on their own. In a sense, they are happily giving up their privacy. The thornier problem for companies is in how much information employees might put out regarding the business. The legal side of the house is therefore absorbed with making new rules on what kind of company information can be shared in the social networking arena.
Then there's the growing array of mobile devices people use for both personal and work activities. Companies face the challenge of letting those devices in while at the same time making it clear what kinds of company data is and isn't acceptable to share.
Though there's no one-size-fits-all manual for dealing with these issues, GE took one major step O'Connor Kelly believes has made a major difference: Bringing the legal and IT security sides of the house closer together.
O'Connor Kelly has worked with GE Chief Information Security Officer Grady Summers to get there, launching a GE Information Governance Council that combines the strengths of IT and legal, reviewing information management and policy issues holistically across the data life cycle.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- System and Data Protection, Recovery and Availability This white paper describes how ARCserve works and the benefits it can provide IT environments of all sizes.
- Simplifying Data Protection, Reducing Risk of Data Loss and System Downtime This white paper outlines what IT organizations should look for in a data protection solution, including simplicity and ease of deployment, comprehensive protection,...
- Boosting Storage Performance for I/O Intensive Enterprise Applications Implementing enterprise applications can be a complex undertaking for IT organizations. Successful deployments depend on high-performance storage systems that are easy to manage...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Live Webcast Best Practices for the Hyperconverged Enterprise Network To the Age of Constant Connectivity and Information overload
- Live Webcast Unmasking the Differences between Consumer and Enterprise File Sync & Share The consumerization of IT combined with the rapid pace of the modern mobile workplace is forcing enterprise IT teams to evaluate file sync...
- Live Webcast Government Agency Webifies Outdated COBOL Applications Let this CTO tell you how his agency converted 1980s-era green screens into an e-filing portal for the 100,000 cases handled each year...
- Four Myths of High-Productivity App Dev Debunked Debunk the main myths surrounding high-productivity application development and how both platforms have overcome them.
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Applications White Papers | Webcasts