Protecting Personal Information
From MgmtWiki
Full Title
How a large enterprise should structure itself to limit the risk of exposing User Private Information.
Context
US Federal Trade Commission Protecting Personal Information: A Guide for Business
Problems
- Whenever a secret is widely shared, it should be treated as public knowledge, because every process that can access the secret needs to be as secure as the information the secret protects.
- Secrets should never be accessible to any process that is itself reachable from an untrusted process. For example, a Web Site that is accessed from the public internet should never have access to secrets.
- Since Web Sites may need data that is protected by encryption under secret keys, the decryption should be performed in a different process, and a different security domain, from the Web Site, so that the Web Site handles the data but never the keys.
Solution
Board of Directors
Policy and responsibility must start with the Board of Directors of the Corporation (or the equivalent responsible party in other types of Enterprises).[1]
Encryption Keys
- One reasonably secure approach to the problem is a single encryption key, either a static random key or one derived from a passphrase with a key derivation function (the initialization vector (IV) is a per-message value and is not a secret), used by all servers on the farm. At application installation on each server, that key is defined and stored in protected form so that only the secured decryption application, and never the web-facing process, can retrieve it. This is still the shared-secret case described under Problems: the key is only as safe as the least secure process that can read it.
than any web-facing project with its own secure store and deployment process.
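The separation described under Problems and in the key paragraph above, as an added example that is not part of the wiki page: the web-facing tier holds only a `Sealer` handle (a hypothetical interface name) and a database of ciphertexts, while the key lives in a `keyService` that seals and opens records with AES-256-GCM. In a real farm the `Sealer` boundary is an RPC to a separate process or host; here an in-process interface stands in for it so the code runs stand-alone. The key is loaded from crypto/rand (a KDF over an installer-supplied passphrase is the alternative the text mentions), and the user IDs and SSN value are constructed sample data. The record identity is passed as additional authenticated data, so an attacker who can write to the web tier's database cannot move Alice's sealed value into Bob's row and have the protected domain decrypt it for Bob.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// Sealer is all the web-facing tier may hold: a handle to the protected
// domain that operates on data and never exposes key material.
// Hypothetical interface; in production it is an RPC to another process/host.
type Sealer interface {
	Seal(plaintext, context []byte) ([]byte, error)
	Open(ciphertext, context []byte) ([]byte, error)
}

// keyService is the protected domain. The AES-256-GCM key is loaded once at
// start-up (here from crypto/rand) and never leaves this struct.
type keyService struct{ aead cipher.AEAD }

func NewKeyService() (Sealer, error) {
	key := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &keyService{aead: aead}, nil
}

// Seal returns nonce || ciphertext || tag. context is authenticated (AAD),
// binding the ciphertext to the record and field it was written for.
func (s *keyService) Seal(plaintext, context []byte) ([]byte, error) {
	nonce := make([]byte, s.aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return s.aead.Seal(nonce, nonce, plaintext, context), nil
}

// Open rejects truncated input before slicing, then verifies tag and AAD.
func (s *keyService) Open(ciphertext, context []byte) ([]byte, error) {
	n := s.aead.NonceSize()
	if len(ciphertext) < n+s.aead.Overhead() {
		return nil, errors.New("ciphertext too short")
	}
	return s.aead.Open(nil, ciphertext[:n], ciphertext[n:], context)
}

// webTier is the internet-facing domain: a Sealer handle plus a database of
// ciphertexts (db is a constructed stand-in for the site's real store).
type webTier struct {
	sealer Sealer
	db     map[string][]byte
}

// recordContext is the AAD: which user and which field the value belongs to.
func recordContext(userID, field string) []byte {
	return []byte("user:" + userID + "/field:" + field)
}

func (w *webTier) Store(userID, field, value string) error {
	ct, err := w.sealer.Seal([]byte(value), recordContext(userID, field))
	if err != nil {
		return err
	}
	w.db[userID+"/"+field] = ct
	return nil
}

func (w *webTier) Read(userID, field string) (string, error) {
	ct, ok := w.db[userID+"/"+field]
	if !ok {
		return "", errors.New("no such record")
	}
	pt, err := w.sealer.Open(ct, recordContext(userID, field))
	if err != nil {
		return "", err
	}
	return string(pt), nil
}

// CrossRecordSwapRejected models an attacker with write access to the web
// tier's database copying alice's sealed SSN into bob's row. The AAD names
// the record, so the protected domain refuses to open it for bob.
func CrossRecordSwapRejected() (bool, error) {
	svc, err := NewKeyService()
	if err != nil {
		return false, err
	}
	w := &webTier{sealer: svc, db: map[string][]byte{}}
	if err := w.Store("alice", "ssn", "123-45-6789"); err != nil { // constructed sample
		return false, err
	}
	w.db["bob/ssn"] = w.db["alice/ssn"]
	_, err = w.Read("bob", "ssn")
	return err != nil, nil
}

func main() {
	rejected, err := CrossRecordSwapRejected()
	fmt.Println("cross-record swap rejected:", rejected, "err:", err)
}
```

The web tier can call `Store` and `Read` on a user's record but has no code path that returns key bytes; moving the `Sealer` behind a real process or network boundary changes only the transport, not the API shape shown here.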
Server Farms
Ensuring that user private information is properly protected on a company's website requires a multi-layered security approach.
- Implement Strong Authentication
  - Use multi-factor authentication (MFA) to prevent unauthorized access.
  - Require strong passwords, and require a change when compromise is suspected rather than on a fixed schedule.
- Encrypt Data
  - Encrypt data at rest (stored data) and data in transit (moving data).
  - Use TLS with valid certificates to secure website communications; legacy SSL protocol versions should be disabled.
- Limit Data Collection
  - Collect only the user data that is necessary, to minimize exposure.
  - Anonymize or mask sensitive information when possible.
- Secure APIs and Databases
  - Implement API security measures such as authentication tokens.
  - Regularly update and patch database software.
- Monitor and Audit Security
  - Conduct regular security audits to identify weaknesses.
  - Use intrusion detection systems (IDS) to monitor for suspicious activity.
- Educate Employees
  - Train staff on cybersecurity best practices to prevent human error.
  - Implement access controls to limit who can view sensitive data.
- Comply with Regulations
  - Follow the standards that apply, such as GDPR, HIPAA, or CCPA.
  - Maintain transparent privacy policies for users.
References
- [1] Dominique Shelton Leipzig, Trust.: Responsible AI, Innovation, Privacy and Data Leadership. ISBN 9798887501734
Other Source Material
- Also see wiki page Shared Data Protection.