For International Data Privacy Day, we asked one of our experts here at Progress about data privacy trends for 2021 and beyond.
Since 2007, Jan. 28 has been known as International Data Privacy Day, observed in Europe as Data Protection Day. This takes place around the globe in an international effort to empower and encourage individuals and businesses to respect privacy, safeguard data and enable trust between all people.
At Progress, we have a strong commitment to protecting our data and that of our customers, employees and vendors/service providers, especially during this time of new legal challenges caused by rapid technological development. To act on this commitment, we have in-house experts who run internal and external programs to oversee data and information security programs.
We recently caught up with Richard Barretto, director of information security at Progress, and asked him to share his perspectives around data privacy, how COVID-19 has impacted his practice and the 2021 trends he is seeing affecting data privacy at home and abroad.
A data breach is going to happen, so we all need to be prepared for when it happens. A great way for any organization to prepare for a breach is to run a tabletop exercise with the key personnel (IT, HR, security, legal, compliance, customer support) involved in a breach and walk through a fictitious scenario and determine how the organization would respond and react. Document all the possible steps, communications and actions your organization would take. The tabletop is also a great way to exercise and improve your current incident response plan (continuous improvement) if you haven’t updated it for a while.
These risks during a pandemic are almost the same. It is just distributed across geographical locations and not just in the office. It’s important to keep employees on their toes. In this environment, working from home can cause them to let their guard down and leave the company more susceptible to attacks. For example, in this COVID-19 stressed global economy, I expect to see more fraud and phishing attempts. I don’t know about you, but I receive almost one or two daily phishing attempts or phone calls asking about my personal information or requesting me to click a link in my email. Companies and employees must be vigilant in their training and education about these vulnerabilities.
Supply chain security is on top of a lot of organization’s security strategies list. The SolarWinds hack at the end of 2020, should have increased any company’s awareness that its security depends on suppliers of safe and secure software and hardware solutions. To get ahead, assess the risks of your suppliers and how they are utilized in your organization. As best as you can, minimize the exposure your suppliers have on your network, or limit the access to your data.
Every company would love to provide personalized products or services that are tailored to your needs and provide more value. This means organizations may have more information about their customers than consumers realize. This emphasizes the importance of transparency around what data is collected, how data is handled and the ability to correct or delete your data are rights that our customers have. Progress clearly states our data policies in our Privacy Center for your review.
Countries all over the world have followed suit since the EU’s General Data Privacy Regulation (GDPR) went into effect in 2018. For example, Brazil’s data privacy regulation became effective late last year and India expects to pass something later this year. As for the U.S., I expect that Congress is not far away from adopting similar privacy regulation like GDPR. Last year, several legislative bills were introduced to Congress for consideration (e.g., Setting an American Framework to Ensure Data Access, Transparency, and Accountability or SAFE DATA Act).
This means for Progress that protecting the privacy and security of your data is our utmost commitment by default, and we consider this when Progress develops or designs products or services. It is our process to review the threats and risks to the privacy of your data and assuring the security of your data is sustained.
Editor's note Special thanks to Chuck Pollak and Ryan Buckley in the legal department and the InfoSec team George Ribarski and Stefan Lambrev for their valuable contributions to this article.
Nelson Ortiz is an internal communications manager for the corporate communications team at Progress.
Subscribe to get all the news, info and tutorials you need to build better business apps and sites
You have the right to request deletion of your Personal Information at any time.
You can also ask us not to pass your Personal Information to third parties here: Do Not Sell My Info
Let our experts teach you how to use Sitefinity's best-in-class features to deliver compelling digital experiences.