I remember the first time my personal data was hacked.
Back in 2006, I received a startling letter saying my bank info may have been involved in a data breach. The bank kindly offered one free year of credit monitoring for my troubles. Nowadays, this story sounds archaic, more like my grandpa’s yarn about getting a Coke for a nickel. Since then, I received at least a dozen offers for free credit monitoring from various financial institutions and retailers, which means 12 data breaches. Clearly, data protection is a major challenge for companies across all industries—and keeping our personal data private and safe gets harder and harder.
Well, get ready, because 2017 is the year data privacy goes from just a project to a priority for enterprises worldwide. Here’s why:
- Companies are smarter and better prepared;
- Technology is exponentially more complex and secure;
- Regulations are tougher than ever, and the fines are substantial;
- Data security is being built into every layer and every piece of software code; and
- The European Union General Data Protection Regulation (EU GDPR).
With all these advancements and changes coming this year, things are about to get much better for consumers and workers alike.
Privacy Legislation Forces IT Change in 2017
Most companies think about consumer services when they think about GDPR and privacy issues. In reality, CIOs and Chief Privacy Officers everywhere should worry about the impact this legislation has on internal end-user data protection. I mean, when was the last time your privacy officer looked at IT’s access to personal data sitting on a company laptop? What about the privacy and data controls in place for bring-your-own-device (BYOD) solutions? Most likely never. Unfortunately, that means most IT organizations are severely exposed to being out of GDPR compliance.
The GDPR law requires organizations to take adequate measures to ensure the security of personal data.
In essence, GDPR will force accountability by imposing key principles of privacy, such as:
- The right for users to be forgotten (data purge);
- Privacy by design;
- The appointment of a Data Privacy Officer;
- Transparency of what data is collected; and
- Many more data security and accountability principles.
Privacy First Modern Management
One of the easiest things companies can do to set themselves up for success with privacy legislation is change the tools you use to manage end users’ mobile and desktop devices.
VMware AirWatch manages end-user devices using modern technologies with built-in privacy. We understand the implications needing to respect a variety of use cases, including:
- Personally-owned devices (BYOD).
- Corporate-owned and managed.
- Corporate-owned, personally-enabled devices with personal apps and data co-existing alongside corporate apps and data.
Now, we are talking about much more than mobile devices. Even Windows PCs and wearables can be managed in a way to adhere to the new privacy requirements.
Unlike many mobile device management (MDM) and systems management tools, AirWatch includes a comprehensive privacy architecture that allows for a more granular approach to filtering data to protect end-user privacy. Our framework is not a tool configurable by IT; it is built into the AirWatch platform. This deep integration of privacy and technology safeguards IT from making or accidentally changing policy rules and putting end-user privacy at risk.
Our solution has controls in place at every level, so when users ask:
“Can you can see my personal data?”
IT can answer:
“We couldn’t see it even if we wanted to.”
Additionally, our persona-based administration allows companies to assign a Privacy Officer role, so only those with the highest level of authority can change privacy policies. AirWatch’s best practice is to collect the minimum amount of information necessary and make end-user privacy the default.
Happy Data Privacy Day!
Little known fact: tomorrow is international Data Privacy Day (DPD), an effort held annually on January 28 to create awareness about the importance of privacy and protecting personal information. To show our dedication to respecting privacy, safeguarding data and enabling trust, VMware is a DPD Champion. But we are not just championing privacy for one day. We feel a deep responsibility to our customers and their end users to lead the charge for privacy protection and regulation in the mobility and broader digital workspace markets.
GDPR will greatly affect how data is collected, how it is used, and most importantly, how this is communicated to users. For many years now and into the future, we build privacy into the AirWatch platform, and we are well prepared to help our customers become GDPR compliant.
To learn more about the AirWatch Privacy First program, please click here.