We have mixed feelings about Data Privacy Day. On one hand, we’re very much in favor of empowering people and businesses to think about data privacy and how they can better manage and protect their personal data. On the other hand, only one day per year? We think about data privacy a lot more than that, and you should too!
In the words of the National Cyber Security Alliance, Data Privacy Day "is an international effort to empower individuals and encourage businesses to respect privacy, safeguard data and enable trust."
What does data privacy mean to you?
First and foremost, of course, many people think of data privacy in terms of securing their own data and how their data is handled by others.
But for most professionals in the IT industry, data privacy goes far beyond protecting their own data. It also falls on us to protect personal data collected by or entrusted to our company, including personal data of customers, users, partners and co-workers. At Red Hat, we are all responsible for guarding data privacy by adhering to corporate guidelines for handling and securing data, passwords, devices and much more.
Protecting data privacy is not just about hardening systems, it’s about helping people understand their roles in protecting personal data. It’s about having guidelines that are understood, and followed, and having processes in place for identifying problems and remediating them quickly.
Sure, we have a cross-functional team that is specifically tasked with security and privacy at Red Hat, but every employee and contractor is expected to take steps to protect Red Hat’s systems and the data we manage.
How you can make an impact
We could write a book on how to protect data privacy, but today we’d like to focus on just a few ways Red Hat strives to assist you in improving your data handling and protection practices.
Be aware of attempts to gain access to data via social engineering, like tech support scams. It doesn’t matter where you sit in the organization, attackers may try to find a path to your company’s data through your systems.
If you’re responsible for managing systems at your company, pay attention to security advisories and apply patches to your systems when they are impacted. Red Hat’s customer security awareness program provides clear documentation about issues that may impact Red Hat software via the Vulnerability Response Center.
Also, take care to proactively assess risk in your activities. When you collect or work with data, what steps are you taking to protect that data? How could someone access that data and see something they should not? Work to make sure that you’re taking the appropriate steps to mitigate those risks.
Red Hat’s commitment
Last year, the European Union’s General Data Protection Regulation (GDPR) went into effect on May 25, 2018. Red Hat’s Data Security + Privacy team worked with groups throughout Red Hat to help our associates understand the need for compliance and that new guidelines and procedures were in place.
But we take data privacy and security seriously no matter where we do business, and we employ high standards for handling data across all locations. The GDPR taking effect is an important milestone for us, but not the end or only regulation for protecting data privacy.
Spread the word
In large part, protecting data privacy is not as complicated as we might think, but it does require thinking about data privacy regularly, following your company’s guidelines for handling data, and having processes in place to stop or mitigate a breach if there has been an exposure.
So spread the word about Data Privacy Day, but keep the party going all year long.