Privacy and Security by Design:
An Enterprise Architecture Approach

As threat levels rise, the old way of protecting data assets, which simply builds a defensive “perimeter” around a resource, will no longer be sufficient. Rather, security must go on the offensive and address information security and privacy concerns as the default mode of operation of a business or organization. The new paper explores the strong synergy that exists between the related disciplines of privacy and security. Although the disciplines are closely related, they are not synonymous. Privacy seeks to respect and protect personally identifiable information by empowering individuals to maintain control over its collection, use and disclosure. Information security seeks to enable and protect activities and the assets of both people and enterprises. While on the one hand, strong security is essential to meet the objectives of privacy, on the other hand, well-known privacy principles are valuable in guiding the implementation of security systems.

Privacy by Design and Security by Design

The following table illustrates, at a high level, how a set of Security by Design principles can be modeled upon the 7 Foundational Principles of Privacy by Design.

Privacy by Design Foundational Principles
Privacy: Respect and protect personal information.
Security: Enable and protect activities and assets of both people and enterprises.

1. Proactive not Reactive; Preventative not Remedial
Privacy: Anticipate and prevent privacy-invasive events before they happen. Do not wait for privacy risks to materialize.
Security: Begin with the end in mind. Leverage enterprise architecture methods to guide the proactive implementation of security.

2. Default Setting
Privacy: Build privacy measures directly into any given ICT system or business practice, by default.
Security: Implement “Secure by Default” policies, including least privilege, need-to-know, least trust, mandatory access control and separation of duties.

3. Embedded into Design
Privacy: Embed privacy into the design and architecture of ICT systems and business practices. Do not bolt it on after the fact.
Security: Apply Software Security Assurance practices. Use hardware solutions such as the Trusted Platform Module.

4. Positive-Sum
Privacy: Accommodate all legitimate interests and objectives in a positive-sum “win/win” manner, not through a zero-sum approach involving unnecessary trade-offs.
Security: Accommodate all stakeholders. Resolve conflicts to seek win-win outcomes.

5. End-to-End Security
Privacy: Ensure cradle-to-grave, secure lifecycle management of information, end-to-end.
Security: Ensure confidentiality, integrity and availability of all information for all stakeholders.

6. Visibility and Transparency
Privacy: Keep component parts of IT systems and operations of business practices visible and transparent, to users and providers alike.
Security: Strengthen security through open standards, well-known processes and external validation.

7. Respect for the User
Privacy: Respect and protect the interests of the individual, above all. Keep it user-centric.
Security: Respect and protect the interests of all information owners. Security must accommodate both individual and enterprise interests.
Author: Ann Cavoukian, Ph.D., Information & Privacy Commissioner, Ontario, Canada, and Mark Dixon, Enterprise Architect, Information Security, Oracle Corporation
Date Published: September 23, 2013
