On Target:
Is Your Data Privacy Fly Open?


Think your e-Business isn't big enough to have to worry about privacy and security issues? Think again.

The heretofore largely unregulated era of data privacy is rapidly coming to a close, with privacy laws on the books in over 40 countries already, the U.S. instituting major new regulations for data privacy and security for the financial and healthcare industries, and various broad legislative initiatives under way.

Time to make sure your data privacy house is in order, so that when questions about your security preparedness get asked (and they will, sooner or later), you'll be ready to respond. It's also better to take some proactive privacy defense measures now, before you end up on the wrong end of a successful hack or a privacy breach-related lawsuit. And data security is already an issue if you do any business online, since your site has undoubtedly been scanned for vulnerabilities countless times already (if your site hosting company tells you otherwise, someone's asleep at the firewall).

It's easier to self-audit your data security than you think. The questions you need to focus on specifically are:
1. What data is stored
2. How and where it's stored
3. How it's processed
4. Who looks at it
5. What you're supposed to be doing with it

Assessing Your Data Privacy Vulnerabilities

Question 1: What data is stored?
Find out from your Webmaster or e-commerce service provider what kind of data you're storing. In fact, don't mention that you're interested specifically in customer data, since that may filter what data you're told is stored. Identify all the data that's being collected (name and address, order number, etc.), then select any customer-related data and sort it by type to proceed:

High-risk customer data
- Credit-card numbers (complete number)
- Medical information

Lower-risk customer data
- Customer information such as name, address, partial credit-card numbers, and phone number (NOT including Social Security number or any complete credit-card numbers)
- Customer order histories (those of a personal nature, such as medical supplies and pornography, may be high-risk)

Minimal-risk customer data
- Web site activity report information (number of hits, number of unique visitors, originating domain of visitors, referring URL, etc.)
- Aggregate customer information (purchases by age/region/product, etc.)
- All other non-personally-identifiable customer data

Question 2: How and where is the data stored?
Now you'll almost certainly need to talk to whoever built and/or is involved in hosting your Web site to answer this question. This is after all a technical question, and it involves exactly what servers your data sits on, and how it sits there.

Here are the rules you should follow if you're storing any high-risk customer data such as credit-card numbers:
- The data must be stored encrypted.
- The data must reside in a database on a separate server from your Web server.

Why? Because if such high-risk data isn't encrypted, it sits in a file that anyone who reaches the server can simply read. Don't be surprised if encryption also becomes a legal or business (i.e. hacking defense) imperative over the next couple of years, as it already is in some industries and countries. If you use a payment gateway services provider, by the way, there's no reason to store credit-card numbers at all, and not storing them is the best security move you can make.

A separate database server for any high-risk data, even if encrypted, admittedly makes for a more expensive site hosting environment. However, this is another area where cutting corners is ill-advised: if the database holding that high-risk data sits on the Web server, it is inevitably more directly exposed to Internet traffic, including unauthorized access attempts.

Question 3: How is customer data processed?
Follow the data and see where it leads. Where do order confirmation messages get sent? Are these messages e-mailed? If they are, and if they contain a customer's complete credit-card number, shoot yourself: Rule 1 is NEVER send or request a credit-card number via e-mail, which is an inherently insecure communication channel.

Under all circumstances you should treat ALL your customers' data with care; many companies have come under fire simply for addressing a single mass e-mail to all their customers in the To: field, thereby allowing every recipient to see every other recipient's e-mail address. If you're part of a shared hosting environment or on an outsourced e-commerce platform, find out whether any of your service providers access any of your customer or transaction data, and what they do with it.
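To make the "follow the data" step concrete, here is an added example (not from the original column) that audits an outbound order-confirmation message for the two problems just described: a complete, Luhn-valid card number in the body, and a mass mailing that lists several customers in the To: header. The message and the card number (a well-known Luhn-valid test number, not a real account) are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Candidate runs of 13-19 digits, allowing a space or dash between digits.
PAN_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")


def luhn_ok(digits: str) -> bool:
    """Luhn mod-10 check: weeds out order numbers and other digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_full_pans(text: str) -> list[str]:
    """Return the digit strings in text that look like complete card numbers."""
    found = []
    for m in PAN_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group(0))
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            found.append(digits)
    return found


def audit_outbound_mail(raw: str) -> list[str]:
    """Flag a complete card number in the body and a multi-recipient To: header."""
    msg = message_from_string(raw)
    findings = []
    for pan in find_full_pans(msg.get_payload()):
        findings.append(f"complete card number in body: ****{pan[-4:]}")
    recipients = getaddresses(msg.get_all("To", []))
    if len(recipients) > 1:
        findings.append(f"{len(recipients)} recipients exposed in To: header")
    return findings


# Constructed sample confirmation e-mail exhibiting both problems.
SAMPLE_MAIL = """\
From: orders@example.com
To: alice@example.org, bob@example.net
Subject: Order 20051234 confirmation

Thanks for order 20051234. We charged card 4111 1111 1111 1111.
"""

if __name__ == "__main__":
    for finding in audit_outbound_mail(SAMPLE_MAIL):
        print("FINDING:", finding)
```

Run the same check over your confirmation templates and mail logs; the order number in the sample is correctly ignored because it fails the length and Luhn tests.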

Standard Web site activity reports are pretty low-risk in terms of potential privacy breaches. If your site activity reports are like most, they're based on Web server-logged activity, none of which identifies site visitors by name.

Question 4: Who looks at the data?
You should already have most of the information you need on who is accessing the data and what they're doing with it. Now check who else, if anyone, is looking at this information. Is it sold to or shared with an outside company or business partner?

After completing this step, you should have identified and categorized all the data being collected, how it's processed, where it goes, and who looks at it, which are all the facts you need for a viable data privacy and security assessment. The next step puts these facts into perspective.

Question 5: What are you supposed to be doing with the data?
The answer to this question puts all of the information you've got so far into perspective. And if you're in healthcare or the financial industry, or doing business in Europe or other strong-privacy-standard countries, this question will be answered for you by various laws and regulations.

Otherwise, at least in the U.S., you can pretty much set your own privacy standards, at least for now. There are lots of recommended privacy policies and industry "best practices" you can read up on at privacy.org and similar pro-privacy Web sites, but the bottom line still seems to be that, as long as you do what you say you do with your customer data in your privacy policy, you can do practically whatever you want, at least until the market, the law, or the FTC say otherwise.

But whether or not you have specific laws that answer the question of how you collect, store, and use customer information for you or you get to make up your own answers, you need to get your data privacy and security house in order. The data privacy hurricane is growing, so it's time to tape up your windows.



©2005 Tom LaTourette. All rights reserved.