How Non-Profits can
Assess and Evaluate Privacy
Risks
Christopher Parsons
University of Victoria
Talk outline
• Nailing down ‘privacy’
• ‘Risk talk’
• Setting your own expectations
• Securing your data...from who?
• Con...
<Caveat>
By Sang Valte

Nailing down privacy
By flosofl

‘Risk talk’
Setting your own
expectations internally
• Assess: Data collection, use, management,
disposal

• Understand: How and why y...
Effective collection
• Clear
• Purpose driven (and limited)
• Secured for clear duration
• Minimum needed for service offe...
Securing your data
• ‘Where’ is data, and who can access, and
when/why?

• Are you geographically limited in where
you can...
Considering your
policies
• Secure email? Data retention? Share PII?
• What if LEAs arrive? Where is the data?
• Who to co...
Basic tips
• Role based access
• ‘Good’ hygiene
• Secure mobile devices
• Outsource to reliable partners
Intermediate tips
• Encrypt OS and thumbdrives
• Activate remote wipe capabilities
• Lunchtime briefs
• Privacy ‘point’
• ...
Contact information
•

Email:
christopher@christopher-parsons.com

•

Homepage:
http://www.christopherparsons.com

•

Twit...
Upcoming SlideShare
Loading in …5
×

How non profits can assess and evaluate privacy risks (net2vic october 2013)

312 views

Published on

How Non-Profits can Assess and Evaluate Privacy Risks

Everyone is worried about privacy but what exactly should we actually be worried about? What are some of the daily ‘risks’ and the broader considerations for non-profits, today?

In this presentation, Christopher will identify some practices that non-profits can adopt to both secure their clients’ personal information and to make better decisions about what information to collect or not. He’ll identify how non-profits can develop transparent and effective policies concerning the collection of personal information, basic and intermediate levels of securing some of that data (and what not to do with it, once you’ve collected it!), as well as some common ‘threats’ that such organizations might experience. These threats will identify different parties that could intentionally or accidently compromise non-profits’ computers, some of tactics third-parties might adopt to compromise data stores, and ways to potentially manage such threats.

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
312
On SlideShare
0
From Embeds
0
Number of Embeds
37
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

How non profits can assess and evaluate privacy risks (net2vic october 2013)

  1. 1. How Non-Profits can Assess and Evaluate Privacy Risks Christopher Parsons University of Victoria
  2. 2. Talk outline • Nailing down ‘privacy’ • ‘Risk talk’ • Setting your own expectations • Securing your data...from who? • Considering your policies • Basic tips • Intermediate tips
  3. 3. <Caveat>
  4. 4. By Sang Valte Nailing down privacy
  5. 5. By flosofl ‘Risk talk’
  6. 6. Setting your own expectations internally • Assess: Data collection, use, management, disposal • Understand: How and why you collect data • Explain: Data processes clearly!
  7. 7. Effective collection • Clear • Purpose driven (and limited) • Secured for clear duration • Minimum needed for service offering
  8. 8. Securing your data • ‘Where’ is data, and who can access, and when/why? • Are you geographically limited in where you can store? • Who are securing it from? • If you don’t have it, you don’t need to secure it!
  9. 9. Considering your policies • Secure email? Data retention? Share PII? • What if LEAs arrive? Where is the data? • Who to contact? • Do you update? How? • Not just legalese!
  10. 10. Basic tips • Role based access • ‘Good’ hygiene • Secure mobile devices • Outsource to reliable partners
  11. 11. Intermediate tips • Encrypt OS and thumbdrives • Activate remote wipe capabilities • Lunchtime briefs • Privacy ‘point’ • Plan for FUBAR, and beyond!
  12. 12. Contact information • Email: christopher@christopher-parsons.com • Homepage: http://www.christopherparsons.com • Twitter: @caparsons

×