Genetec shares tips on protecting privacy without compromising security

To celebrate Data Protection Day, Genetec Inc., a technology provider of unified security, public safety, operations and business intelligence solutions, has shared practical guidance on how organisations can secure their operations in a way that respects everyone’s privacy.  

To date, 107 countries have established legislation that secures the protection of data and privacy. This follows in the footsteps of the General Data Protection Regulation (GDPR) in Europe, which has issued €1,059,520,456 in fines since its establishment in 2018. Despite that, only 59% of organisations say they meet all GDPR requirements.

“International Data Protection Day is the perfect time to share what we’ve learned over 25 years; organisations should never have to choose between data privacy and security,” said Christian Morin, Chief Security Officer at Genetec Inc. “As cyber threats and privacy regulations evolve, organisations need to stay vigilant. Security solutions that are built on privacy by design principles, such as our Privacy Protector, enable these organisations to achieve their business goals while maintaining compliance.”

Genetec recommends organisations ensure their security systems respect data privacy by: 

1. Establishing privacy governance. Designate a Data Protection Officer to guide strategies and comply with regulations. Map how data is collected and processed, where it’s stored, how long it’s kept and who can access it. Categorise data in terms of risk. Identify people outside your organisation who may need to access your data and assess the risk your data processing operations pose to citizens’ rights.

• Building a data protection strategy. Conduct a gap analysis of data processing operations. Evaluate existing systems’ ability to address privacy without draining resources. Implement new processes as necessary and document your privacy policies and procedures. Educate your entire workforce on cybersecurity and privacy best practices.

• Assessing the capabilities of technology and partners. Proactively seek out those that may offer to help uphold privacy and protection. Inquire about certifications and steps partners and vendors are taking to comply with privacy legislation. Choose solutions built with Privacy by Design, that enable privacy features by default. Consider solutions that enable you to standardise processes and policies across different regions.

• Building security systems with privacy in mind. Enable multiple layers of defence to protect personal information collected by physical security systems. Define user access to restrict those who can log into applications and what they can see/do. Implement privacy features like video anonymisation that blurs identities in footage. Automate data retention policies to ensure data is automatically deleted as required. Leverage a digital evidence management system to securely share information for investigations and citizen requests.

• Remaining vigilant. Stay current on data privacy laws and evolve policies and processes regularly. Leverage hardening tools to actively monitor cybersecurity compliance and keep up with software updates. Monitor user activity logs to check what data, systems and files are being accessed. Activate health monitoring to receive alerts automatically about system vulnerabilities or device failure. Consider a hybrid cloud implementation to streamline access to the latest cybersecurity and data privacy updates.

For more on Genetec privacy protection initiatives, visit https://www.genetec.com/trust-cybersecurity