I am not paranoid, but I am cautious and concerned about the steady encroachment into our private lives, enabled in large part by the every growing and ubiquitous nature of our technology. Maybe it is just me, but here are a few stories that demonstrate why each of us should be concerned about our digital trail.
OnStar GPS Data Could Be for Sale
Germany Declares Facebook ‘Like’ Button Illegal
Street Cameras Raise Privacy Alarms
These are just a few of the things being done by the ‘Good Guys’. The 'Bad Guys’ are busy too. See this story about how thousands of users may have had their DNS routing changed without their knowledge. For those of us over 40, we are not in Kansas anymore Dorothy, and for those of us under 20, well, it’s just status quo. That said, being connected in today’s world has become a necessity for many of us. Not only do we need access to accurate information quickly, there are times when others need access to us and information about us as well. This means that all of us must learn how to deal with our ‘connected’ world. We need to think before we post personal information on social websites and blogs. It makes me crazy when I see personal blogs and information on social sites where people post potentially sensitive pictures about themselves and family members or provide details about where they go and how often they leave town for the weekend. So, common sense is first on the list of protective actions. Credit and identity theft monitoring services are also available to help guard against the illicit use of our private information. Users who make payments over the internet have a variety of payment tools such as Paypal, which are designed to secure online financial transactions. And there are other things each of us can do and should be teaching our children about when it comes to safely using the Internet and on line services.
For Cloud Service Providers (CSPs) such as NICE, it is important that they recognize their customer’s concerns and address threats to the security of their customer’s data. Contracts should provide specific SLAs, products, systems and processes must be developed with security in mind. Employees must be properly screened and trained. Compliance to standards such as SSAE 16, PCI, ISO and other data security standards must be tested and demonstrated and active security focused teams should be in place to ensure the security and performance of their services. Our 'Connected World' brings tremendous opportunities, for both 'Good' and 'Bad'. When selecting a CSP, it is important that these types of controls are in place to provide customer assurance and thus address customers concerns and prevent customer paranoia.
