Inside the Briefcase

Augmented Reality Analytics: Transforming Data Visualization

Augmented Reality Analytics: Transforming Data Visualization

Tweet Augmented reality is transforming how data is visualized...

ITBriefcase.net Membership!

ITBriefcase.net Membership!

Tweet Register as an ITBriefcase.net member to unlock exclusive...

Women in Tech Boston

Women in Tech Boston

Hear from an industry analyst and a Fortinet customer...

IT Briefcase Interview: Simplicity, Security, and Scale – The Future for MSPs

IT Briefcase Interview: Simplicity, Security, and Scale – The Future for MSPs

In this interview, JumpCloud’s Antoine Jebara, co-founder and GM...

Tips And Tricks On Getting The Most Out of VPN Services

Tips And Tricks On Getting The Most Out of VPN Services

In the wake of restrictions in access to certain...

Five Places to Focus Your Privacy Efforts

October 20, 2015 No Comments

Featured article by Agathe Caffier, Senior Counsel, International Operations & Privacy Specialist, DMI

These days, there’s just no telling who’s accessing your data. It could be a social network, an ad retargeting campaign, or even a cyber criminal who’s bought your private information on the dark Web. If data is the new oil, everyone with a revenue play is going to try to syphon off their share. Privacy? What privacy?

Data collection raises concerns from users and collectors alike. End users, whether they are employees or customers, are requesting a higher level of respect towards their privacy and putting forward more questions as to how and why their personal data is handled. Data collectors, whether they be application or website developers, must be aware of these growing concerns and take appropriate steps to address them from the ground up, building best practices in privacy into the products and services they provide.

A recent survey found that 44 percent of smartphone owners worry that apps are mishandling or misusing their private information. However, one in three would provide app companies with more data about themselves if those apps could make their lives easier. Data collectors must walk a thin line in order to assuage users’ privacy concerns and still get the information they need. Below are five areas where companies can focus their privacy and security efforts for maximum benefit.

1. Risk Tolerance

Figuring out how aligned the risks that your business is facing are with your privacy and security initiatives can be very tricky. Business-minded people will always be more inclined to take a more risky approach for the sake of business innovation – and that is fine. It just needs to be clearly laid out.

2. Insider Training

We hear about stealthy hackers pulling off massive data breaches, but the sobering reality is that most breaches occur due to employee error caused by lack of appropriate training. The solution here may seem straightforward: improving security training amongst employees within the organization, ranging from basic password guidelines to restricted access policies. However, businesses are facing the issue that employees do not always apply what is learned during training, even less so when carried out through an online platform.

To make an impression that will stick, use a relevant storytelling approach specific to your audience, as well as innovative and interactive workshops to involve your employees as an integral part of your privacy solution. Classic storytelling techniques help learners retain and apply what they’ve learned.

3. Give End Users the “Why”

In a world of shrinking privacy, customers will hold onto their data unless given a good reason to share it. For example, consider the request of the user’s address when downloading a game app. Users may be reluctant to divulge this information, as the link is unclear, until they are told that it will enable the app to notify them about local meet-ups that offer live group play. Educate customers on the reasons behind requests for data collection so that they will feel more comfortable complying.

4. Follow the Data

There is no time like right now to make an assessment of how your organization is managing data, collected internally and through your apps. An audit will usually try to understand how the data that your business is collecting flows between different geographical regions and divisions. When looking at the results of the audit, it will be clear where the pain points are and which actions should be taken. Should you undergo Safe Harbor Certification? Should you update your privacy policy (or, if you do not have one, what should your privacy policy state)?

That’s a look at auditing at the organizational level. At the app level, is your app privacy-friendly? Are your “privacy” notifications (request of collection of location, access to contacts, etc.) invasive and disruptive to the user journey? Did you integrate privacy from the outset of the app-build process?

Improving your users’ experience could come down to a strong UX/UI review combined with an audit of data collection. Be transparent about data usage without being invasive to help increase user engagement and retention.

5. Revisit and Revise Privacy and Security Policies

Privacy policies need to keep pace with the rapidly changing technology landscape. This means that you can’t create a policy and then lock it away in a drawer for all time. Instead, designate a member of your team to verify whether the privacy policy needs updating on an annual basis. Such a policy is now a tool empowering you to understand your business better.

Now think about the app user’s point of view. It’s a fact of life that almost no one reads privacy policies. If you would like your user to read it, our recommendation is to make it as visual and interactive as possible.

In the final analysis, it’s important to find balance regarding privacy and security policies. Of course it’s necessary to comply with the law, but sometimes mere compliance leaves valuable opportunities to serve customers on the table. Data comes in several levels of sensitivity, so match privacy and security policies that are appropriate to each level – and then update all policies as needed. These best practices will give you and your users peace of mind and create greater trust as well.

agathe caffier

Author Bio:

Agathe Caffier, Senior Counsel, International Operations & Privacy Specialist, DMI

Agathe Caffier graduated as a business lawyer in London and is now also a Certified Information Privacy Professional (CIPP/E). As well as being the general counsel for DMI, one of the leading mobile solution providers in the world, her expertise in new technologies and privacy matters related to mobile has led her to provide privacy guidelines and audits to companies such as Vodafone, Telefonica, Anheuser Bush in Bev and many more. She regularly contributes to specialized publications and whitepapers on privacy and security.

 

Leave a Reply

(required)

(required)


ADVERTISEMENT

DTX ExCeL London

WomeninTech