Security Market Segment LS
Monday, 13 May 2019 10:04

Earning customer trust will help boost business: cloud security pro Featured

Earning customer trust will help boost business: cloud security pro Courtesy Office of the Australian Information Commissioner

Businesses that earn the trust of their customers by being responsible stewards of their information will be rewarded with loyalty and positive word-of-mouth recommendations, Mark Perry, the chief technology officer of cloud security firm Ping Identity says.

In comments to mark Australian Privacy Awareness Week which runs from 12 to 18 May, Perry said the observance of the week served to remind people that organisations which lack ways to protect data from unauthorised sharing, data breaches and misuse stand to lose this trust. That, he added, would translate into lost business.

The Privacy Awareness Week is an initiative of the Office of the Australian Information Commissioner.

"To thrive in this increasingly complex landscape, organisations must carefully control which customer data attributes are accessible to applications. They must ensure that apps only have access to the attributes they need and, particularly for partner applications, that customers have consented to sharing data," Perry said.

"Finally, they must make these consents intuitive. Lengthy privacy policies full of legalese are a thing of the past. An organisation’s customers expect user-friendly controls that let them manage their consents and clearly see who has access to their data.

mark perry"At the same time, centralised privacy management capabilities enable compliance with a growing number of dynamic privacy regulations. With centralised policies, businesses can confidently control how and where data is used.

"Without them, it’s risky to embark on new initiatives to improve customer experience, and you risk tight restrictions from security, legal and compliance teams. Those are steep sacrifices in today’s multi-channel marketplace, where competitive advantage lies in personalisation."

Joanne Wong, senior regional marketing director for security intelligence firm LogRhythm in the Asia-Pacific, said the week served to remind both consumers and employees that they should have good privacy and personal data protection practices.

"At work, you can adopt basic data protection practices for daily operational activities. It could be as simple as checking your emails to ensure there is no unnecessary personal data contained within before sending out," she said.

joanne wong"Another step is to practise password hygiene, which could be as simple as using different passwords across applications or multifactor authentication and changing passwords often. Akin to security locks for physical security, passwords have long been a standard means of protecting information, most importantly for information both offline or online.

"We use it to lock our mobile devices, protect our online banking information and for businesses, protecting their network from unauthorised access.

"At the same time, as bad actors become more persistent and increasingly sophisticated in their methods of gaining access to our critical digital assets and information, chief security information officers have an ongoing responsibility to emphasise the importance of password hygiene.

"Indeed, companies need to put privacy at the heart of all new applications and processes. Privacy by design will need to be part of the organisation’s mind-set, not just an afterthought. This is really a principle that businesses need to be thinking about now, not later."

phil kernickPhil Kernick, co-founder and chief technology officer of cyber security specialist CQR Consulting, said: "In 2010, Facebook publicly said that the age of privacy is over. Today, they are saying that the future is private.

"But what they aren’t acknowledging is that your private information is still yours, not theirs, even if you choose to share it on their platform.

"Personal information is the currency of social media. You need to protect it the same way you protect your wallet, and choose where to spend it wisely."

The Australian National Privacy Week provided a timely reminder to create or review privacy and security policies and ensure that staff training was part of any policy, according to Mark Sinclair, ANZ country manager of global network security vendor WatchGuard Technologies.

mark sinclair"Educating users is often the most overlooked area of security and the public mandatory data breach legislation reports show that user error is quite often a cause of a privacy or data breach," he said.

"Robust security technology is vital, but ensuring users are aware of policies, understanding how their privacy can be compromised, and the role they should take to keep data safe should be the first and last line of defence for every organisation."

Michael Warnock, Australia country manager of security solutions firm Aura Information Security, said: "When you look back over the past five years, adoption of new technologies like mobile and cloud have completely transformed many industries for both consumers and businesses. All have come to expect access to services from consumers wherever they happen to be and at whatever time they need."

michael warnockHe said at the same time, cyber-attacks demonstrated the vulnerable, expanded attack surface associated with greater cloud adoption.

"As organisations work to secure their applications and other sensitive assets in the cloud as part of their digital transformation strategies, these attacks demonstrate the need to quickly implement consistent security controls across cloud and on-premises environments to protect user privacy.

"After all, most people fail to only really care about cyber security until they are a victim of an attack. Cyber education in the workforce and awareness for individuals to manage their own privacy is not something people should do every 12 months with a few questions, it needs to be continuously reinforced and customised to front and centre of an organisation’s employee base."

petr adamekPetr Adamek, chief executive of the Canberra Innovation Network, an ACT Government initiative to accelerate innovation and diversify the economy, said people wanted reassurance that their data was safe and secure.

"The best tech start-ups focus not only on attracting new customers and building amazing technology, but also on building trust of their customers," he said.

"Being serious about privacy and data protection and demonstrating it is a key ingredient in building such trust and setting your startup for success.

Budd Ilic, ANZ country manager of cloud security provider Zscaler, said the week provided an opportunity for Australian businesses to review the introduction of greater data cyber security hygiene into their enterprises.

budd ilic"Organisations today need to take a more proactive approach to protecting and managing their customer data. At the same time, companies need to ensure they have insight into the various data pools, often kept in different departments within an organisation and identify whether permission to use personally identifiable information has been obtained," he said.

"Furthermore, in recent years, companies have had to put technology in place that helps them control and protect digital assets, and reconcile the disjointed conversations between departments to produce the shared insight necessary to update an organisation’s security posture.

"Processes should really now be in place to manage the data more effectively as companies have gained a better understanding of where they store PII and who has access to this, a necessity to be able to comply with the reporting requirements in case of data loss and to support robust customer privacy."

Albert Kuo, vice-president Asia Pacific for enterprise technology company ExtraHop, said: "Today, both business and consumer IT users experience encryption on a daily basis by way of the browsers and applications we use.

albert kuo"Application providers have invested heavily in elevating privacy and protecting sensitive data through encryption policies and technology, yet personal information is still often leaked largely because of unintentional human error, the weakest link in any defence."

Kuo said if attackers obtained user credentials, then encryption was of no use.

"For this reason, no organisation is free from the risk of a breach. As a result, organisations should protect their IT users’ privacy with comprehensive network visibility and automation that speeds up the investigation process," he said.

"After all, the faster you can locate an attack source and mitigate the damage, the sooner it’s stopped, and the less damage done to users and the and the organisation's reputation."

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous