Achieving Data Privacy through CIAM

by in Security

Businesses have been giving consumer privacy lip service for years. Regulations (GDPR, CCPA) have helped them be more sincere in their commitments. But the question of consumer privacy being a used as a competitive advantage has been coming up more often. Perhaps Apple’s marketing effort around security and consumer privacy is a contributor. Both Apple and Google allow their customers to control what activities are tracked, trading more personalize and effective surface for information. This year Facebook hired one of its most vocal critics to be its new data privacy lawyer on their voice recognition team. In a pace that has gathered at least a modest amount of steam, organizations are viewing consumer privacy as good for business.

Achieving Data Privacy through CIAMSecurity is a Growing Part of a Consumer First Strategy

While each organization has been having their own continual discussions on where the balance between security and convenience should lie for them, brand relevance continues to grow. Aside from the cadence of breach headlines that often result in a refresh of the executive team, the prioritization of platform security and privacy outside of these news events is real.

This past summer, Help Net Security published a survey of 2,500 participants on this very topic just a couple of months ago with some interesting results:

  • 91% of consumers are worried about online security threats affecting their household – specifically viruses and malware (60%), identity theft (55%), financial fraud (48%), and ransomware (45%)
  • 45% believe they’re more at risk of being hit by an attack now than they were before the pandemic
  • 69% believe that working from home introduces new security risks
  • 61% believe that they or someone in their household could be the target of an online attack in the next 12 months

I thought it was interesting that those surveyed believe that working from home (a COVID-19 related phenomenon) increases their vulnerability to a security risk. Perhaps teleworking security issues have consumers thinking more about how it applies to their personal lives. To clarify the resulting trend, the survey of consumer security concerns does indeed extend firmly into privacy issues. Just last month TechRepublic published a data privacy survey conducted by KPMG. Among the results:

  • 86% of the respondents said they feel a growing concern about data privacy
  • 78% expressed fears about the amount of data being collected
  • 40% of the consumers surveyed don't trust companies to use their data ethically
  • 47% of the respondents said they're concerned about the possibility of their data being hacked
  • 51% were worried about it being sold

In answers where it’s not clear to me that the survey’s participants reflected their answers in their behavior:

  • 30% said there are no circumstances under which they'd share data with businesses
  • 12% said they'd share data to make ads more relevant
  • 17% would do it to help companies improve their products and services

There are other privacy categories in the survey that you may also find interesting.

Mapping these survey responses to security priorities, the key question is how confident are you that your organization is going above and beyond GDPR table stakes. Integrity of data comes in when:

  • An organization makes safeguarding consumer information a high priority
  • Has the right controls in place to protect this data, whether is moving (being accessed) or standing still
  • Allows the consumer the ability to control what information is gathered and retained
  • Is using consumer data appropriately
  • Allows consumers to retrieve the information you gather

Data Privacy and CIAM Webinar

In our new webinar, Data Privacy and CIAM: Completing Your Identity Stack, our super SE and solutions architect, Richard Cabana, will be talking about an aspect of consumer identity and access management (CIAM) in which organizations are taking a second look: a more effective approach to enabling consumers to control their information. You will notice a new take on some familiar talking points. NetIQ long-timers will recognize the identity-centric approach to security, which really is the best strategy to securing information and resources from anywhere on any device. But Richard will also review privacy from a consumer perspective, an increasing topic among CIAM architects.

Join us live on September 28, or on-demand after that date.

 

Join our Community | Identity Manager User Discussion Forum| Tips & Info | Identity Manager Idea Exchange

Labels:

Identity & Access Mgmt
Anonymous