DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports Events Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
  1. DZone
  2. Data Engineering
  3. Data
  4. Privacy Secrets Your Systems May Be Unknowingly Telling

Privacy Secrets Your Systems May Be Unknowingly Telling

What secrets are your systems sharing?

Kevin Poniatowski user avatar by
Kevin Poniatowski
·
Jan. 28, 19 · Analysis
Like (1)
Save
Tweet
Share
3.80K Views

Join the DZone community and get the full member experience.

Join For Free

Permissions and Privacy in User Data

Privacy has overtaken security as a top concern for many organizations. For IT professionals, the difference between privacy and security may not be apparent. Protecting sensitive data from the prying eyes of malicious users seems to be an obvious goal of application security. But privacy is more than just protecting sensitive data. Privacy is also the users’ ability to keep their data private, no matter if the data is considered sensitive or not. Giving users the ability to control who has permission to see their data and who does not have permission is an important goal of privacy.

How to Ensure Personal Data Is Kept Personal

Many IT professionals today are unaware of exactly how to ensure users’ data is kept private, or even how to determine if the users’ privacy has been violated. Relying on a member of the IT team to “know it when they see it” is not a scalable way to ensure their users’ privacy. Often, IT staff are not subject matter experts concerning the data their organization is collecting. If the sensitivity of the data is not documented and privacy standards have not been explained to everyone who works with the data, it creates an opportunity for incorrect assumptions to be made concerning what data needs to be protected, when it needs to be protected, and where it needs to be protected.

Executing a Data Classification Policy

One of the benefits of working in a governmental or military environment is the thoroughness of data classification documentation and processes that define the secure usage of sensitive data. A member of an IT staff working in these environments does not have to make any decisions about the sensitivity of the data, minimizing the opportunity for incorrect assumptions to be made. But when an organization does not have a well-defined and consistently implemented data classification policy, it can lead to software that violates their users’ privacy, such as the exposure of a mobile phone user’s geolocation data through an app the user has installed.

Document all Sensitive Data and Create a Privacy Policy

Well implemented application security can help an organization to keep users’ data private, but security alone cannot ensure the data remains private. By thoroughly documenting the data sensitivity collected from users and by creating a privacy policy to define how that data will be protected, an organization can begin to minimize the risk of inadvertent exposure of their users’ data.

Data (computing)

Published at DZone with permission of Kevin Poniatowski, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • Using the PostgreSQL Pager With MariaDB Xpand
  • PostgreSQL: Bulk Loading Data With Node.js and Sequelize
  • Top Five Tools for AI-based Test Automation
  • How Do the Docker Client and Docker Servers Work?

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends: