What are your biggest challenges in handling consumer data with respect to data privacy and security and what tools and processes help you manage these?

5k viewscircle icon11 Comments
Sort by:
CISO/CPO & Adjunct Law Professor in Finance (non-banking)a year ago

I agree with the august commenters that vendors are a major threat. 

The tools used are not my largest concern since the privacy culture among vendors will drive the amount of effort put into data protection.  For example, a hypothetical vendor may have once told me that a hacked email box is just a glitch, nothing to worry about. The response did not show their dedication to the highest levels of data protection, in my humble opinion.

Promulgating the privacy culture outside our organization is a challenge.

Chief Privacy Officer in Finance (non-banking)a year ago

From a program Point of View, the biggest challenge is the number and variety of privacy regulations across the globe. The way to overcome it is to try using the highest standard to be applied everywhere, as this will limit the changes required to your privacy program.

On the more technical side, Data Retention is a big challenge. Privacy principles are stating that "you should not keep data for longer than needed", but the minimum retention is defined by different set of laws. This makes it hard to find the right retention schedule. And then, when you have it, automating deletion is also another problem.
Some concepts may help, for exemple, Data redaction:
Data Redaction: What It Is and When to Use It | Informatica

VP of IT2 years ago

IMHO, the biggest challenge is knowing which data you need to accord with what level of protection. There are many tools and processes that can be used to secure the data once you know what needs to be protected.

My preference is to follow a zero trust approach I call MAZE, mission-critical assurance using zero-trust enforcement. MAZE combines zero trust enforcement while implementing a Defence-in-Depth approach to cybersecurity design.

I would begin by identifying and categorising the data into security classes based upon how much security control needs to be applied to the data. I would then divide the computing infrastructure into zones based upon the need to make the data available and the security class they belong to. Finally, I would build conduits between each zone using micro-segments and incorporate data security controls for each conduit. I prefer this approach since it helps me scale from hundreds to thousands of computing infrastructure assets.

Director in Software3 years ago

Handling consumer data presents multitude of challenges with regards to privacy & security. A strong data classification and data handling policy with effective controls is required. Some practical challenges related to collection of consumer data, classifying and limiting personal data collection, securing data, implementation of effective controls in line with regulatory requirements etc.    

CTO in Healthcare and Biotech3 years ago

Moving agile can be challenging while respecting customer data, and having the whole team on board with the importance of small but significant exposure.

Content you might like

Open Data with Open AI model22%

Private Data with Open AI model64%

Open Data with Private AI model9%

Private Data with Private AI model4%

View Results

Over 6 months7%

Over 12 months49%

Over 18 months23%

Over 24 months16%

Over 30 months1%

Over 36 months2%

View Results