블로그 구독

Privacy by Design or Privacy by Default (PbD) is not a new concept. However PbD received renewed attention when the GDPR added PbD as a legal requirement. PbD refers to the process of building in technical, organizational and security measures at the beginning stage of product development and throughout the product lifecycle. 

A look inside PbD at Red Hat

Instead of developing a product and then asking: Is this product secure? Do we respect privacy rights? PbD requires developers to ask and answer these questions at the start and throughout the development process. PbD also requires developers to collaborate with colleagues from other areas of the business who have expertise in privacy and security compliance.

PbD fits in very well with Red Hat’s commitment to the open source way. Asking questions in a collaborative nature and on a continuous basis are key tenets of open innovation at Red Hat.  

Privacy Engineering by Design

One PbD tool we use to build in privacy to our development process is our Privacy Impact Assessment, also known as a PIA. The PIA is a process which assists developers at the early stages in identifying and mitigating privacy risks associated with the collection and use of personal data. 

The PIA tool begins with a self assessment that asks a lot of questions about the planned project or product. This initiates a process of review by individuals trained in privacy and security. The process is collaborative and creates an on-going dialogue about privacy with respect to the product, system or application at hand.

Collaboration Across Departments

New or updated privacy laws are being introduced and enacted in states, regions and countries across the world (see our March Blog on this topic).  The result is a rather complicated web of privacy laws which vary depending on geography, industry and the type of personal data at issue.  

As we hinted above, collaboration is a key part of PbD at Red Hat. At Red Hat, we have a team dedicated to monitoring and evaluating new privacy laws and assessing how such laws impact our our offerings and our PbD tools, such as the PIA process.  The team is made up of individuals who focus on privacy and data security from departments such as InfoSec, IT, Engineering, Customer Engagement and Legal.  

Understanding privacy issues within and across an organization helps build a foundation that keeps data security and privacy in the conversation throughout the development lifecycle. Raising and addressing privacy considerations in the design phase also helps Red Hat offer products and services that meet the needs of our customers.

Visit our Trust Red Hat page to stay connected on topics such as security, compliance and privacy.


저자 소개

Jamie Parker is a compliance and privacy expert within Red Hat's products and technologies organization. She is passionate about data protection and privacy. Before joining Red Hat, Parker spent 12 years at Cisco Systems transforming business processes. Her focus was policy governance, regulatory compliance, internal audit, customer data protection, and privacy.

 
Read full bio

채널별 검색

automation icon

오토메이션

기술, 팀, 인프라를 위한 IT 자동화 최신 동향

AI icon

인공지능

고객이 어디서나 AI 워크로드를 실행할 수 있도록 지원하는 플랫폼 업데이트

open hybrid cloud icon

오픈 하이브리드 클라우드

하이브리드 클라우드로 더욱 유연한 미래를 구축하는 방법을 알아보세요

security icon

보안

환경과 기술 전반에 걸쳐 리스크를 감소하는 방법에 대한 최신 정보

edge icon

엣지 컴퓨팅

엣지에서의 운영을 단순화하는 플랫폼 업데이트

Infrastructure icon

인프라

세계적으로 인정받은 기업용 Linux 플랫폼에 대한 최신 정보

application development icon

애플리케이션

복잡한 애플리케이션에 대한 솔루션 더 보기

Original series icon

오리지널 쇼

엔터프라이즈 기술 분야의 제작자와 리더가 전하는 흥미로운 스토리