This week, we have been studying policies. One of our assignments was to create a home computer use policy governing the use of our networks at home. This led me to the thought of researching security and privacy and how they relate in policies. So, how does security and privacy factor into policies?
I found Google's policy information concerning its Business Apps offering. It actually breaks the frequently asked questions (FAQ) into the two parts: privacy and security. First of all, let's look at privacy. Many people are concerned with posting or sharing information on the Internet, because they feel that the provider would then own the data. Google makes it clear this is not the case with them. They also make it clear that they respect the organization's privacy by not accessing it unless granted access by the domain administrator. Additionally, in light of recent developments with security and law enforcement, it appears as though Google will typically entertain requests to remove content. However, I do not see anything about mentioning providing government access to your data. So, you can rest assured that Google may have your back if the NSA comes knocking!
Security also plays a factor at Google. They have received satisfactory SSAE 16 and ISAE 3402 Type II audits. What does this mean for you? Essentially, Google has passed tests for securing your data with respect to data security, privacy, and the security of its Data Centers. This should give users of its Business Apps peace of mind that any data the entrust to Google will not make it into the wrong hands. Google also reassures its users that they are safe against hackers and miscellaneous threats through a security team used to test its controls and enhance the security of data. Lastly, Google uses encryption through HTTPS to ensure data transmitted to and from its servers is secure and free from prying eyes. To me, it sounds like Google is a safe, secure, and private area to conduct business.
It's nice to know that privacy and security policies are in place, but what can you do if you feel yours have been violated? That is a fair question and one I wanted to look up. In the event you feel that a business has violated the security and/or privacy policies put in place to protect you, you should contact the Federal Trade Commission (FTC). According to its website, the FTC had brought 32 legal actions against companies for violating their policies regarding security and privacy. In such cases, companies are in violation of Section 5 of the FTC Act. What does that mean? Essentially, it protects you against deceptive practices. A company can provide a policy, gaining your trust, and then violate it by not abiding by its own policies. Therefore, they can be punished and you will have protection. That is good information to know, should you ever encounter this type of practice. Thankfully, I have never had that issue with any companies.
As you can see, companies have policies in place to protect both themselves and you, their clients. Without these policies in place, there could be tremendous harm to either you or the company. Private information made available to others could hurt you or your company, leading to lawsuits against your provider. You certainly do not want your information freely available and the companies who host your data, like Google, do not want to lose valuable monetary resources because of negligence. Most of us, myself included, tend to just breeze through the policies. Next time, take a few minutes to read through those privacy and security policies to see how you are protected. You might find a plethora of useful information at your fingertips!
Referenced Sites
Enforcing Privacy Promises. (n.d.). Retrieved September 28, 2014, from http://www.ftc.gov/news-events/media-resources/protecting-consumer-privacy/enforcing-privacy-promises
Your security and privacy. (n.d.). Retrieved September 27, 2014, from https://support.google.com/a/answer/60762?hl=en
I found Google's policy information concerning its Business Apps offering. It actually breaks the frequently asked questions (FAQ) into the two parts: privacy and security. First of all, let's look at privacy. Many people are concerned with posting or sharing information on the Internet, because they feel that the provider would then own the data. Google makes it clear this is not the case with them. They also make it clear that they respect the organization's privacy by not accessing it unless granted access by the domain administrator. Additionally, in light of recent developments with security and law enforcement, it appears as though Google will typically entertain requests to remove content. However, I do not see anything about mentioning providing government access to your data. So, you can rest assured that Google may have your back if the NSA comes knocking!
Security also plays a factor at Google. They have received satisfactory SSAE 16 and ISAE 3402 Type II audits. What does this mean for you? Essentially, Google has passed tests for securing your data with respect to data security, privacy, and the security of its Data Centers. This should give users of its Business Apps peace of mind that any data the entrust to Google will not make it into the wrong hands. Google also reassures its users that they are safe against hackers and miscellaneous threats through a security team used to test its controls and enhance the security of data. Lastly, Google uses encryption through HTTPS to ensure data transmitted to and from its servers is secure and free from prying eyes. To me, it sounds like Google is a safe, secure, and private area to conduct business.
It's nice to know that privacy and security policies are in place, but what can you do if you feel yours have been violated? That is a fair question and one I wanted to look up. In the event you feel that a business has violated the security and/or privacy policies put in place to protect you, you should contact the Federal Trade Commission (FTC). According to its website, the FTC had brought 32 legal actions against companies for violating their policies regarding security and privacy. In such cases, companies are in violation of Section 5 of the FTC Act. What does that mean? Essentially, it protects you against deceptive practices. A company can provide a policy, gaining your trust, and then violate it by not abiding by its own policies. Therefore, they can be punished and you will have protection. That is good information to know, should you ever encounter this type of practice. Thankfully, I have never had that issue with any companies.
As you can see, companies have policies in place to protect both themselves and you, their clients. Without these policies in place, there could be tremendous harm to either you or the company. Private information made available to others could hurt you or your company, leading to lawsuits against your provider. You certainly do not want your information freely available and the companies who host your data, like Google, do not want to lose valuable monetary resources because of negligence. Most of us, myself included, tend to just breeze through the policies. Next time, take a few minutes to read through those privacy and security policies to see how you are protected. You might find a plethora of useful information at your fingertips!
Referenced Sites
Enforcing Privacy Promises. (n.d.). Retrieved September 28, 2014, from http://www.ftc.gov/news-events/media-resources/protecting-consumer-privacy/enforcing-privacy-promises
Your security and privacy. (n.d.). Retrieved September 27, 2014, from https://support.google.com/a/answer/60762?hl=en
No comments:
Post a Comment