5.5 - Explain privacy and sensitive data concepts in relation to security. Flashcards
Reputation damage (Organizational consequences of privacy and data breaches)
– Opinion of the organization becomes negative
– Can have impact on products/services
– Can impact stock price
Identity theft (Organizational consequences of privacy and data breaches)
– Company and/or customers' info becomes public
– May require public disclosure
– Credit monitoring costs
Fines (Organizational consequences of privacy and data breaches)
– Uber
  * Data breach in 2016 wasn't disclosed
  * Uber paid the hackers $100,000 instead
  * Lawsuit settlement was $148 million
– Equifax
  * 2017 data breach
  * Government fines were approximately $700 million
IP theft (Organizational consequences of privacy and data breaches)
– Stealing company secrets
– Can put an org out of business
Escalation (internal + external) (Notifications of breaches)
Internal escalation process
– Breaches are often found by technicians
– Provide a process for making those findings known
External escalation process
– Know when to ask for assistance from external resources
– Security experts can find + stop an active breach
Public notifications and disclosures (Notifications of breaches)
– Refer to security breach notification laws
– All 50 US states, EU, Australia, etc.
– Delays might be allowed for criminal investigations
Public (data types -> classifications)
- Unclassified
- No restrictions on viewing the data
Private (data types -> classifications)
- Classified / Restricted / Internal use only
- Restricted access, may require an NDA
Sensitive (data types -> classifications)
- Intellectual property, PII, PHI
Confidential (data types -> classifications)
- Very sensitive, must be approved to view
Critical (data types -> classifications)
- Data should always be available
Proprietary (data types -> classifications)
– Data that is the property of an org
– May include trade secrets
– Often data unique to an organization
PII (Personally identifiable information) (data types -> classifications)
– Data that can be used to identify an individual
– Name, date of birth, mother’s maiden name, biometric info
PHI (protected health information) (data types -> classifications)
– Health info associated with an individual
– Health status, health care records, payments for health care, etc.
Financial information (data types -> classifications)
– Internal company financial info
– Customer financial details
Government data (data types -> classifications)
– Open data
– Transfer between government entities
– May be protected by law
Customer data (data types -> classifications)
– Data associated with customers
– May include user-specific details
– Legal handling requirements
Data minimization (Privacy enhancing technologies)
- Seeks to reduce risk by reducing the amount of sensitive info that we maintain on a regular basis
- Best way = destroy data when it's no longer necessary to meet the original business purpose
- Minimal data collection
-> Only collect + retain necessary data
- Included in many regulations
-> HIPAA has a "Minimum Necessary" rule
-> GDPR: "Personal data shall be adequate, relevant + not excessive in relation to the purpose(s) for which they are processed."
- Some info may not be required
- Internal data use should be limited
-> Only access data required for the task
Data masking (Privacy enhancing technologies)
- Data obfuscation
-> Hide some of the original data
- Protects PII + other sensitive data
- May only be hidden from view
-> The data may still be intact in storage
-> Control the view based on permissions
- Many different techniques
-> Substituting, shuffling, encrypting, masking out, etc.
Tokenization (Privacy enhancing technologies)
- Replace sensitive data with a non-sensitive placeholder
-> SSN 266-12-1112 is now 691-61-8539
- Common with credit card processing
-> Use a temporary token during payment
-> An attacker capturing the card numbers can't use them later
- This isn't encryption or hashing
-> Original data + token aren't mathematically related
-> No encryption overhead
Anonymization (Privacy enhancing technologies)
- Make it impossible to identify individual data from a dataset
-> Allows for data use without privacy concerns
- Many anonymization techniques
-> Hashing, masking, etc.
- Convert from detailed customer purchase data
-> Remove name, address, change phone number to ### ### ####
-> Keep product name, quantity, total, + sale date
- Anonymization can't be reversed
-> No way to associate the data to a user
Pseudo-anonymization (Privacy enhancing technologies)
- Replace personal info with pseudonyms
- Often used to maintain statistical relationships
- May be reversible
-> Hide the personal data for daily use or in case of breach
-> Convert it back for other processes
- Random replacement
-> James Messer > Jack O'Neill > Sam Carter > Daniel Jackson
- Consistent replacements
-> James Messer is always converted to George Hammond
Data owners (Roles and responsibilities)
- Accountable for specific data
-> Often a senior officer/executive
- Delegate some responsibilities to others
- Rely on advice from subject matter experts
- VP of Sales owns the customer relationship data
- Treasurer owns the financial information
Data controller (Roles and responsibilities)
- Manages the purposes + means by which personal data is processed
- Determines the reasons for processing personal info
-> Directs the methods of processing that data
- Mainly in European law
Data processor (Roles and responsibilities)
- Processes data on behalf of the data controller
- Often a third party or different group
- Service providers that process personal info on behalf of the data controller
Data custodian/steward (Roles and responsibilities)
- Responsible for data accuracy, privacy, and security
- Associates sensitivity labels to the data
- Ensures compliance with any applicable laws + standards
- Manages access rights to the data
Data protection officer (DPO) (Roles and responsibilities)
- Responsible for the organization's data privacy
- Sets policies, implements processes + procedures
- Individual who bears overall responsibility for carrying out the org's data privacy efforts
- Chief privacy officer = common title
Information life cycle
- Creation + receipt
-> Create data internally / receive data from a third party
- Distribution
-> Records are sorted + stored
- Use
-> Make business decisions, create products + services
- Maintenance
-> Ongoing data retrieval + data transfers
- Disposition
-> Archiving/disposal of data
PIA - Privacy impact assessment
- Almost everything can affect privacy
-> New business relationships, product updates, website features, service offerings
- Privacy risk needs to be identified in each initiative
-> How could the process compromise customer privacy?
- Advantages
-> Fix privacy issues before they become a problem
-> Provides evidence of a focus on privacy
-> Avoid data breach
-> Shows the importance of privacy to everyone
Terms of agreement
– Terms of use, terms and conditions (T&C)
– Legal agreement between service provider + user
– User must agree to the terms to use the service
Privacy notice
– May be required by law
– Documents the handling of personal data
– May provide additional data options + contact info
Data stewards
- People who carry out the intent of the data controller
- Delegated responsibility from the data controller
Data custodians
- People/teams who don't have controller or stewardship responsibility BUT
-> are responsible for the secure safekeeping of info