Uncategorized Incorporating Privacy by Design in a Software Development Life-cycle – Security Boulevard
The Home of the Security Bloggers Network
Home » Cybersecurity » Data Security »
With digital transformation being a key driver in how data is used and shared across systems to help drive innovation as well as improve customer experiences, privacy continues to be an important concern.
The introduction of new privacy regulations such as GDPR in Europe and the soon to be launched CCPA in California have been designed to protect consumer’s privacy rights. It can be said that data privacy and security are integral to each other, so these two important factors should remain at the forefront throughout the software development life cycle.
Key Principles behind Privacy by Design:
Renowned data security expert Ann Cavoukian developed the concept of “Privacy by Design,” which calls upon privacy to be considered throughout the entire engineering process, with a formal framework published in 2009, in which she stated that:
“Privacy must be incorporated into networked data systems and technologies by default. Privacy must become integral to organizational priorities, project objectives, design processes and planning operations. Privacy must be embedded into every standard, protocol and process that touches our lives.”
The framework itself has been adopted by several governments as well as industry bodies around the world. Additionally, it was included within the GDPR regulation. The seven key principles behind the Privacy by Design framework are:
The Adoption of a DevOps Model within Privacy By Design:
A lot of organisations are moving to a DevOps model, adopting practices which incorporate software development and IT operations in order to shorten a software development lifecycle, which then enables continuous integration, as well as continuous delivery.
While at its heart the principles of Privacy by Design are about design, it is important that privacy considerations are taken into account throughout the entire development, testing, and deployment process. This would involve adding privacy checks, tests and gates throughout the software development lifecycle. This also means embedding privacy into your security as best practice.
Liberating Sensitive Information:
The recent World Economic Forum Global Risk Report detailed the greatest risks to the global economy, and for organisations that are on the receiving end of these threats the impact can be profound. Protegrity can help organisations liberate sensitive information by protecting the data itself, whilst maintaining referential integrity of datasets, learn how in our e-book: Privacy By Design: Balancing Defence -In-Depth With Advanced Analytics.
*** This is a Security Bloggers Network syndicated blog from Blog – Protegrity authored by Raajveer Loyal. Read the original post at: https://www.protegrity.com/incorporating-privacy-by-design-in-a-software-development-life-cycle/