Security & Privacy
Security and Privacy, are they different sides of the same coin? Interestingly enough, in most organizations there is an Information Security officer and there is a Privacy Officer. The question is whether or not they work together toward a common objective or work at opposite ends of the underlying challenge: protecting sensitive data. In a perfect world, the two should go hand and hand, like peanut butter and jelly or eggs and bacon.
The information security officer strives to support the privacy requirements of sensitive data by using technology to protect the data from loss, theft, or misuse. While the privacy officer works to ensure that everyone understands the appropriate use or sharing of the sensitive data as dictated by all applicable laws, mandates or organizational policy. Hence a natural partnership should be inevitable.
All-in-all the challenge of securing and maintaining the privacy of sensitive data should combine three key elements: policy, awareness, and technology. Read more under each section for specific approaches to securing and monitoring the use, access, and protection of sensitive data.