Getting products to market as fast as possible is essential to your company’s survival, but taking shortcuts on data security and privacy can be very costly. As you balance speed against security, you should be aware of the most common data privacy and security pitfalls that companies must avoid in order to protect sensitive customer data:
- 1. Not managing the flow of sensitive data: When your team rushes to build and ship new products and features, they might neglect to manage the flow of sensitive data through their systems. Personally identifiable information (PII) like names, phone numbers, email and mailing addresses, and other sensitive data is critical for workflows like identity verification – but that doesn’t mean every service should have access to it.
- Sensitive data sprawl also makes it harder for you to track the use of sensitive data so you can detect misuse and audit legitimate uses of sensitive data. To manage and protect sensitive data flows, you need to minimize and obfuscate the PII you store as much as possible. Your services should only have access to the bare minimum dataset necessary for them to function.
- 2. Not having granular auditing, logging, and observability of sensitive data: If your product team prioritizes shipping features over auditing, logging, and observability of sensitive data, you lose the ability to see which services and users actually read that data, which fields they read, and for what purpose.
- Scrutinize any eventing and queueing tools you use: messages that carry whole customer records copy PII into every consumer, retry queue, and replay log downstream, often with no need for it. Log aggregation and metrics platforms such as Graylog, Prometheus, and DataDog can help you see which users and services touch sensitive data, but only if what you send them is the access event (requester, field, purpose, decision) rather than the value itself; otherwise your observability stack becomes one more unmanaged copy of your PII. To protect sensitive data, you need to understand where your PII is being accessed and minimize the amount of it that flows through your infrastructure.
- 3. Not using de-identification technologies to protect data privacy: Modern companies collect and use sensitive data to communicate with their customers, deliver products, and personalize experiences. Storing that data in plaintext is a major red flag for any security auditor. Whether you build your own encryption program or implement data masking and tokenization, a robust system for privacy preservation is essential, and it’s not enough to de-identify data only at the point where it is exposed externally; internal consumers need the same treatment.
- Consider de-identifying sensitive data before sharing it internally, or removing it from the dataset altogether. Customer service and success teams rarely need to see all of a customer’s sensitive data to assist them, so mask or redact whatever those teams don’t need: a partially masked email address or the last four digits of a phone number is usually enough to confirm you are talking to the right person. Companies such as Adyen use internal and external de-identification solutions to protect their sensitive data. Tokenization (replacing a value with a stable surrogate that can still serve as a lookup or join key), masking, and redaction are just the tip of the iceberg of the de-identification techniques available. Combined with a strong encryption program, de-identification is a great way to protect your customers’ data privacy and security.
- 4. Not having a strict data governance framework and policies: You might already have basic authentication controls in place, but authentication alone is severely limited: once a user or service has authenticated, a perimeter-based design grants it broad access and lets it move laterally within your infrastructure. That network perimeter model is outdated; the zero trust model replaces it by authenticating and authorizing services and users on every data access request, even when they are already inside the network.
- The first step is to understand which services and users need access to which data and in what form (cleartext, masked, or tokenized), and then build policies to govern that access, policies that can be changed as needed to provide only the data each workflow requires. Combined with auditing, logging, and observability, this gives you control over who can reach sensitive data and a record of how it was accessed. At a minimum, role-based access control (RBAC) is essential to prevent a laissez-faire approach to data security. For finer-grained control, add attribute-based access control (ABAC) or policy-based access control (PBAC), where the decision also depends on attributes such as the calling service, the declared purpose of the request, and the specific field being read, so that a support agent and an identity-verification service get different views of the same customer record.
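The following is an added example, not code from the original post or from any company it mentions, showing how items 2, 3 and 4 above fit together in one data-access path: a field-level policy that looks at the requester's role, service and declared purpose, returns each field as cleartext, masked, tokenized or absent, and emits an audit event that records the decision per field but never the value. The roles (`support-agent`, `kyc-verifier`, `analytics`), the `defaultPolicy` rules, the `View` function and the customer record are all hypothetical; the HMAC tokenization key is an in-process placeholder for what would be held by a KMS or tokenization service.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"strings"
)

// Action is what the policy lets a requester see for one field.
type Action int

const (
	Deny     Action = iota // redacted: the field is absent from the view
	Mask                   // partial value, e.g. j***@example.com
	Tokenize               // stable keyed pseudonym: joinable, not reversible by the consumer
	Allow                  // cleartext
)

// Requester carries the attributes the policy evaluates on every request.
type Requester struct {
	Service, Role, Purpose string
}

// CustomerRecord is the shape of the constructed sample data (not real data).
type CustomerRecord struct {
	ID, Name, Email, Phone, Address string
}

// AuditEvent records the decision per field, never the value, so the audit
// log cannot itself become a PII sink.
type AuditEvent struct {
	Service, Role, Purpose, RecordID string
	Fields                           map[string]Action
}

// Policy decides the action for one field given the requester's attributes.
type Policy func(field string, r Requester) Action

// defaultPolicy is a hypothetical rule set written for this example; in
// production the rules live in a policy store and are reviewed like code.
func defaultPolicy(field string, r Requester) Action {
	switch {
	case r.Role == "kyc-verifier" && r.Purpose == "identity-verification":
		return Allow // the one workflow that genuinely needs cleartext PII
	case r.Role == "support-agent" && (field == "id" || field == "name"):
		return Allow
	case r.Role == "support-agent" && (field == "email" || field == "phone"):
		return Mask // enough to confirm the caller, not enough to exfiltrate
	case r.Role == "analytics" && field == "id":
		return Allow
	case r.Role == "analytics" && field == "email":
		return Tokenize // joinable across datasets without the cleartext address
	}
	return Deny // everything else, including unknown requesters, is redacted
}

// tokenize derives a stable pseudonym with HMAC-SHA256. The key belongs to a
// tokenization service (an in-process placeholder here), never to token consumers.
func tokenize(key []byte, v string) string {
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(v))
	return "tok_" + hex.EncodeToString(mac.Sum(nil))[:16]
}

// mask keeps just enough of a value for a human to confirm it.
func mask(field, v string) string {
	if field == "email" {
		if at := strings.LastIndex(v, "@"); at > 0 {
			return v[:1] + "***" + v[at:]
		}
	}
	if n := len(v); n >= 4 { // phone and anything else: last four characters only
		return "***" + v[n-4:]
	}
	return "***"
}

// View applies the policy field by field. Denied fields are absent rather than
// empty, so downstream code cannot log or serialize them by accident.
func View(rec CustomerRecord, r Requester, p Policy, tokKey []byte) (map[string]string, AuditEvent) {
	fields := map[string]string{"id": rec.ID, "name": rec.Name, "email": rec.Email,
		"phone": rec.Phone, "address": rec.Address}
	out := map[string]string{}
	ev := AuditEvent{Service: r.Service, Role: r.Role, Purpose: r.Purpose,
		RecordID: rec.ID, Fields: map[string]Action{}}
	for name, v := range fields {
		a := p(name, r)
		ev.Fields[name] = a
		switch a {
		case Allow:
			out[name] = v
		case Mask:
			out[name] = mask(name, v)
		case Tokenize:
			out[name] = tokenize(tokKey, v)
		}
	}
	return out, ev
}
```

Calling `View` with a support-agent requester returns the name in cleartext, `j***@example.com` and `***0142` for the contact fields, and no address key at all; the analytics requester gets only the record ID and a `tok_` pseudonym for the email, and a kyc-verifier whose declared purpose is anything other than `identity-verification` gets an empty view. The audit event carries the same per-field decisions and can be shipped to the observability stack without the values.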
- 5. Not having a strong encryption program: Like de-identification, encryption is one of the most foundational tools for securing data. However, the demands of a highly competitive market tempt companies to settle for encryption at rest alone, which gives little more than a false sense of security: disk or database-level encryption protects against a lost drive or a stolen backup, but any application or database credential that reads through that layer sees cleartext. Even where some encryption is in place, never rotating keys (so one leaked key exposes everything ever encrypted under it) or ignoring data in use, where it sits decrypted in application memory and is most exposed, leaves large gaps in the protection of sensitive customer data. Getting to market or launching new features quickly is important, but it should never come at the expense of properly managing sensitive data.
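As an added example (not code from the original post), this Go program shows the key-rotation point above with envelope encryption: each record is encrypted under its own data-encryption key (DEK), the DEK is wrapped with a versioned key-encryption key (KEK), and rotating means adding a new KEK and rewrapping DEKs rather than re-encrypting the data. The `KeyRing` type is an assumed in-process stand-in for a KMS or HSM, which is where the KEKs would really live; the `Envelope` layout and all function names are this example's own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// Envelope is what is stored at rest; the KEK version tells rotation what to rewrap. Nonces are prepended.
type Envelope struct {
	KEKVersion             uint32
	WrappedDEK, Ciphertext []byte
}

// KeyRing stands in for a KMS/HSM; holding KEKs in process is an assumption made for this example.
// Retiring a version means deleting it from keks, only after every envelope wrapped by it was rewrapped.
type KeyRing struct {
	keks    map[uint32][]byte // versions still allowed to unwrap
	current uint32            // the only version allowed to wrap new DEKs
}

// Rotate adds a fresh 256-bit KEK and makes it current; older versions become unwrap-only.
func (kr *KeyRing) Rotate() {
	if kr.keks == nil {
		kr.keks = map[uint32][]byte{}
	}
	kr.current++
	kr.keks[kr.current] = randomKey()
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err) // only reachable with malformed key lengths or entropy failure
	}
	return v
}

func randomKey() []byte {
	k := make([]byte, 32)
	must(rand.Read(k))
	return k
}

// aead builds AES-256-GCM for a 32-byte key.
func aead(key []byte) cipher.AEAD {
	return must(cipher.NewGCM(must(aes.NewCipher(key))))
}

func seal(key, plaintext []byte) []byte {
	gcm := aead(key)
	nonce := make([]byte, gcm.NonceSize()) // fresh random nonce per call, never reused
	must(rand.Read(nonce))
	return gcm.Seal(nonce, nonce, plaintext, nil)
}

func open(key, sealed []byte) ([]byte, error) {
	gcm := aead(key)
	if len(sealed) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], nil) // tag check fails on any tampering
}

// Encrypt uses a fresh DEK per record: the KEK never touches bulk data, so the amount
// encrypted under any one key stays bounded and rotation stays cheap.
func (kr *KeyRing) Encrypt(plaintext []byte) Envelope {
	dek := randomKey()
	return Envelope{KEKVersion: kr.current, WrappedDEK: seal(kr.keks[kr.current], dek),
		Ciphertext: seal(dek, plaintext)}
}

func (kr *KeyRing) unwrap(env Envelope) ([]byte, error) {
	kek, ok := kr.keks[env.KEKVersion]
	if !ok {
		return nil, errors.New("KEK version retired and envelope was never rewrapped")
	}
	return open(kek, env.WrappedDEK)
}

func (kr *KeyRing) Decrypt(env Envelope) ([]byte, error) {
	dek, err := kr.unwrap(env)
	if err != nil {
		return nil, err
	}
	return open(dek, env.Ciphertext)
}

// Rewrap moves an envelope onto the current KEK without touching the data ciphertext:
// rotation costs one small key operation per record, not a bulk re-encryption.
func (kr *KeyRing) Rewrap(env Envelope) (Envelope, error) {
	dek, err := kr.unwrap(env)
	if err != nil {
		return Envelope{}, err
	}
	return Envelope{KEKVersion: kr.current, WrappedDEK: seal(kr.keks[kr.current], dek),
		Ciphertext: env.Ciphertext}, nil
}
```

The rotation runbook this encodes is: `Rotate`, then `Rewrap` every stored envelope, then delete the old version; an envelope that was missed fails closed with a clear error rather than silently staying decryptable under a key that should be gone. Data in use is outside what this shows: the DEK and plaintext exist in process memory during `Encrypt` and `Decrypt`, which is the gap item 5 warns about.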
- The best way to protect data privacy is to solve the problem proactively, with a privacy by design approach: you design privacy-preserving customer interactions and workflows from the start, so these issues never grow into major problems for your company. Whether you’re building new products and features, or looking to improve the privacy and security of sensitive data without disrupting business workflows

Thanks to Green Hats International Innovation Center for the contents [#ZiaullahMirza]