tadamichi - Fotolia

Resellers should use Data Privacy Day as chance to talk security

Data Privacy Day has arrived and it presents resellers with a chance to talk to customers about security and compliance

Security resellers are rarely scrambling round for a topical reason to go and call on clients as they often get the chance to exploit the publicity surrounding the latest high profile data breach.

Most of the conversations that follow those incidents are reactive as users try to ensure that what has happened to the likes of Target and TalkTalk will not happen to them.

For once there is a reason for the channel to go and talk to customers without doing so against a backdrop of fear and uncertainty with today being Data Privacy Day.

The idea of having a date in the calendar to focus on data privacy started back in 2007 and is now observed in the US, Canada and 47 European countries, including the UK.

Talking about data privacy is a more strategic and proactive discussion and the security industry is urging resellers to use the occasion to encourage customers to think about how they look after data and encourage employees to take the issue more seriously.

“Data privacy day is a great opportunity for organisations to reevaluate their privacy program,” said Tim Erlin, director of IT risk and security strategy for Tripwire.

“Privacy is often treated as part of larger security initiatives. While this approach addresses some key privacy issues, others may not get the attention they deserve," he added.

Resellers are being encouraged to talk to customers about trying to reduce the number of data breaches by making sure that patches are up to date and encryption is being used to protect sensitive information.

One of those organisations behind the Data Privacy Day, the Online Trust Alliance (OTA), found that in the first half of last year 91% of data breaches could have been easily avoided.

Erlin said that some of the mistakes that enterprises were making included keeping far too much non essential customer data, which increased the risks that some of it might be compromised, as well as not securing all of the access paths into the data.

Data Privacy Day

The Day, always held on the 28 January, was initially started to encourage businesses and consumers to think about how they protected their own privacy, particularly on social media. But over the years it has changed to widen the focus onto compliance issues and to make sure that people understand the impact of privacy laws.

Security specialists along with governments, industry lobby groups and academics are all involved with trying to use the day as a platform to discuss privacy issues.

He also highlighted the need for greater encryption and the need for more vigilance with keeping patches up to date.

"Security experts may be more interested in the technical analysis of the latest malware, but successful attacks are more likely to exploit the three year old web server vulnerability that gets them access to high value data. Patching systems isn’t glamorous but it’s essential to protecting data," he said.

To coincide with Data Privacy Day, F-Secure has charted how the issue of data integrity raises concerns in different countries, with a significant number expressing concerns that their information might be exposed to intelligence agencies.

F-Secure found that customers would in some cases be prepared to go to the effort to avoid pay more if they felt they could avoid information going through countries like China and Russia, where concerns about privacy being compromised were the highest.

Read more on Data Protection Services