Saturday, January 24, 2009

Cover Up – Your Privacy is Important

It is often claimed that most of the luxuries in life are now affordable and only one remains - privacy. Maintaining individual and business privacy in this era of pervasive technology has become increasingly difficult.

Business privacy is a concept that needs to be addressed with urgency due to the potential for serious breaches in the public’s expectations of privacy. Any organization that is a data owner (or holder) should commit itself to protecting its customers’ privacy up front and not as a back burner concern.

Your privacy is under threat from various sources. One of the most potent is the search engine. An internet search engine is a tool that can scour the global web for the results you want at the snap of your fingers.

This powerful technology can be used for good and bad purposes, just as weapons can protect or harm us. The downside is that search engines threaten personal and business privacy.

Google, a popular search engine, can be easily used to unearth information about you and your business that you don’t want people to know.

Anyone who is in the market for illicit corporate, or individual data, can take advantage of search engines’ power to acquire data to which the authors or originators of the data never intended them to have access, but which have inadvertently been left exposed.

It is unfortunately quite easy to unearth data. Google, for instance, provides special tools which are known as ‘advanced operators’. They are query words that have special meaning when used with Google.

They allow a regular user to conduct an extensive ‘drill down’ search. For example, ‘link:’ is one such advanced operator that yields all web pages that have links to a web site. For example []. These operators can be found on

As tools for obtaining private data, these advanced operators are effective. Hackers exploit the fact that companies, when designing their websites believe they have locked their front door but in fact have left a window open. These websites therefore publicize information they would want to keep secret.

There are various mechanisms and controls that should be used to safeguard privacy. Encryption, for example, should be used to protect client data on storage media. Company data should only be availed to personnel on a ‘need to know’ basis. Regular internal audits should also be conducted to ensure there aren’t any breaches of the laid out privacy policies.

Organizations must also desist from delegating responsibility for privacy issues to junior members of staff. Privacy should be championed by the Board and a senior decision maker, with the power to make important changes, should provide coordination.

In sum, organizations must embrace a higher commitment for ensuring data privacy. Any issues that are associated with privacy breaches must be addressed by those planning, designing and implementing new IT systems.

No comments: