2Take a Page From EMEA’s Book
U.S.-based organizations need to place a greater emphasis on personal data protection. European businesses prioritize these efforts, and, as a result, the citizenry in the European Union maintains considerably more control over private data than their counterparts in the U.S. The mindset behind these actions is that users own their data and can relinquish its control as they see fit. Conversely, many American companies own and can monetize the personal data and other user data that they collect. Seek vendors that follow EMEA’s lead to give you an acceptable level of control over your own data.
3Get Proactive About Data Protection
Most end users can be categorized as privacy-sensitive or privacy-complacent. Some are aware of potential risks and may take measures to prevent them, but others are completely inactive when it comes to protecting their data. As an IT pro, you should prioritize technologies that make security and privacy as transparent as possible to the end user. By mutually improving user experience and the protection of user information, your business will reduce risk.
4Support Data Privacy, Not Just Security
The mega-breaches of the past few years have taught American businesses an important lesson: Maintaining the privacy of users’ personal data is just as important as keeping corporate data secure. According to the Ponemon study, only 57 percent of IT security practitioners are either very familiar or familiar with their organizations’ security and data privacy policies or requirements. Organizations should place importance on keeping data private through secure messaging, and, by leveraging the flexibility afforded by open-source software, implement tools that work to protect data.
5Recognize the Limitations of Proprietary Software
Proprietary software and open-source software are fundamentally at opposite ends of the transparency spectrum. The ability to review code is becoming a necessary practice to ensure that no intentional or unintentional back doors exist in software. This is particularly important for privacy tools, such as encryption software, because some governments and government officials are now calling for encryption back doors.
6Check Out Commercial Open-Source Software
Open-source software projects ensure transparency, enabling community collaboration to improve overall quality. But, for many organizations, relying on the open-source community alone is not a viable support option, although it can be a valuable first line of defense. In commercial open source, the guarantee established by a vendor’s backing ensures that product support will be available and lets the user know the product is commercially viable and suited for even nontechnical end users.
7Implement Secure Collaboration
Be sure that the messaging and collaboration solution you select has native functionalities that provide secure services. This should include the secure versions of messaging protocols, complete life cycle management of user accounts, and the ability to layer on additional security and privacy features, such as encryption, digital signatures and two-factor authentication.
8Create Behavioral Guidelines for Employees
Ponemon found that 89 percent of employees do not follow company policies about sharing confidential documents, while 74 percent use unauthorized messaging applications—both of which unduly increase a company’s risk exposure. Create clear policies for secure collaboration, educate end users about the risks associated with shadow IT and provide timely attack information, such as ongoing spear-phishing attacks aimed at your company.
9Contribute to the Open-Source Community
Open source is a self-policing community, one that holds users and vendors accountable for their actions and inspires them to contribute. By encouraging your employees to become active contributors, you’ll help improve the overall quality of an open-source project, which will lead to more secure software on the market and in your company.