CSO - Thanks to the explosion of social networking and all those nifty Web apps people use to bank and shop online, the bad guys now have an endless supply of attack vectors to steal personal data. In fact, some security industry experts have declared privacy dead.
Whatever the case may be, companies are increasingly under the regulatory gun to keep customer, employee and supplier data safe from prying eyes. At the CSO Security Standard Tuesday, attendees got a taste of what General Electric is doing to meet the challenge.
Nuala O'Connor Kelly, senior counsel and chief privacy leader for GE, started with a question for the audience: What is privacy? Answer: The right-ability to CONTROL how your personal information is used.
The trick for GE is the same as it is for most organizations -- how to achieve security without setting off animosity someone might feel about being violated.
An example of the delicate balance is the new TSA body scanners. We want to be safe on the airplane, but we don't want to be the one to walk through those new, very revealing scanners. This can present a challenge for companies that rely on extensive business travel.
In the world of social networking, the privacy is in the user's control in that they have a choice as to which details they include in something like a Facebook profile page. In that case, people have a habit of revealing too much on their own. In a sense, they are happily giving up their privacy. The thornier problem for companies is in how much information employees might put out regarding the business. The legal side of the house is therefore absorbed with making new rules on what kind of company information can be shared in the social networking arena.
Then there's the growing array of mobile devices people use for both personal and work activities. Companies face the challenge of letting those devices in while at the same time making it clear what kinds of company data is and isn't acceptable to share.
Though there's no one-size-fits-all manual for dealing with these issues, GE took one major step O'Connor Kelly believes has made a major difference: Bringing the legal and IT security sides of the house closer together.
O'Connor Kelly has worked with GE Chief Information Security Officer Grady Summers to get there, launching a GE Information Governance Council that combines the strengths of IT and legal, reviewing information management and policy issues holistically across the data life cycle.
- Five Steps to Achieve Success in your Application Security Program This white paper provides a general framework your organization can use to create or build upon an application security program. It includes guidelines...
- Unlock the Value of Enterprise Mobility Download this guide and learn how to manage the secure deployment of enterprise mobile apps and data, while still encouraging the levels of...
- Rebranded Quadmark revamps its IT solutions with Google Apps Switching to Google Apps halved Quadmark's IT admin costs while achieving 10% time savings per employee. The global consulting firm now spends 80%...
- Manufacturing Outlook: Improving time to market, operational effectiveness and innovation in a highly competitive environment An enterprise project portfolio management solution can help manufacturers position themselves in the new competitive landscape.
- Live Webcast
Transforming Finance, Procurement and Supply Chain Effectiveness with Cross-Functional Analytics
Date: May 6th, 2014
Time: 1 PM EDT
Attend this Webcast to find out how Oracle's packaged analytic applications enable line-of-business managers to examine all...
- Video Stream Quality Impacts Viewer Behavior This scientific white paper, using statistical data from Amakai's streaming network, analyzes how changes in video quality cause changes in viewer behavior.
- Service-Enabling CICS Applications: Best Practices This informative webcast provides an informed, thorough look into CICS service-enablement options and how they can affect your environment. You'll learn how to... All Applications White Papers | Webcasts