Introduction
Data Security - protective digital privacy measures that are applied to prevent unauthorized
access to computers, databases and websites.
United Nations Global Pulse: United Nations Global Pulse partnered with MIT to start a project
called ‘Mapping the Risk-Utility Landscape of Mobile Data for Sustainable Development and
Humanitarian Action.’ This project aims to determine how insights from mobile data might be
used to maximum effect in support of policy planning and crisis response with minimal risk to
privacy.
National Cyber Security Alliance (NCSA): The National Cyber Security Alliance (NCSA)
builds strong public/private partnerships to create and implement broad-reaching education and
awareness efforts to empower users at home, work and school with the information they need to
keep themselves, their organizations, their systems and their sensitive information safe and
secure online and encourage a culture of cybersecurity.
The General Data Protection Regulation: a rule passed by the European Union in 2016,
setting new rules for how companies manage and share personal data. In theory, the GDPR only
applies to EU citizens’ data, but the global nature of the internet means that nearly every online
service is affected, and the regulation has already resulted in significant changes for US users as
companies scramble to adapt.
Encryption - used to be the sole province of geeks and mathematicians, but a lot has changed in
recent years. In particular, various publicly available tools have taken the rocket science out of
encrypting (and decrypting) email and files. GPG for Mail, for example, is an open source
plug-in for the Apple Mail program that makes it easy to encrypt, decrypt, sign and verify emails
using the OpenPGP standard. And for protecting files, newer versions of Apple's OS X operating
system come with FileVault, a program that encrypts the hard drive of a computer. Those
running Microsoft Windows have a similar program. This software will scramble your data, but
won't protect you from government authorities demanding your encryption key under the
Regulation of Investigatory Powers Act (2000), which is why some aficionados recommend
TrueCrypt, a program with some very interesting facilities, which might have been useful to
David Miranda.
Stop incursion and breaching response - Shutting down the avenues to the company’s
warehouse will prevent incursions by the hacker. Management, production and security solutions
must be combined to prevent the targeted attacks.
Having a breach response plan will help in triggering quick response to data breaches and
help in the reduction of harm. The plan could contain steps involving notification of the
concerned staff or the agency who could contain the breach.
Tracking data - Tracking the motion of data within the organisational network will prevent any
unintentional use of sensitive information.
Defining accessibility - Defining accessibility to those who are working on company’s sensitive
data will bring down the risk of malicious users.
Useful Links
- http://undocs.org/A/RES/68/167
- http://bigdata-madesimple.com/15-ways-to-prevent-data-security-breaches/
- https://europa.eu/youreurope/citizens/consumers/internet-telecoms/data-protection-privac
y/index_en.htm
- https://ico.org.uk/for-organisations/guide-to-data-protection/key-definitions/