Strategies and techniques for protecting privacy

Certified Information Privacy Technologist

Why is encryption important when sending information on the internet?

Encryption ensures that even if online data is intercepted, it cannot be understood. Like someone opening a postcard that isn't theirs but they can't decipher the text.

Encryption

Encryption is the scrambling of information that requires a key to be able to decipher.

Cryptosystem

A cryptosystem is a collection of materials needed to encrypt and decrypt information such as algorithms and keys as well as hardware, software and equipment.

Algorithms

These are mathematical rule based processes that are applied to a block of data

Key

A key is a small piece of data that modifies an algorithm’s result

Symmetric encryption?

Uses the same key for encryption and decryption. Key is smaller which makes it more practical for encrypting large blocks of information and sharing it with multiple people.

Asymmetric encryption?

Uses one key for encryption and another key for decryption. Sender uses a public key to encrypt a message, and the recipient uses a private key to decrypt the message.

Application Encryption

Application encryption provides built-in encryption that is applied throughout a program.

Record Encryption

When records are encrypted one at a time which provides more enhanced and granular protection.

Field Encryption

Field encrption allows for specific fields of data to be encrypted, specifically very sensitive fields like credit card numbers.

Quantum Encryption

Quantum encrption (cryptography) uses quantum mechanics to encrypt messages.

Public-key infrastructure

Provides tools for obtaining and verifying public keys

How is Homomorphic encryption different from typical encryption?

It allows for encrypted information to be manipulated without being decrypted first.

What is Polymorphic encryption?

This is a powerful type of encryption that causes the algorithm to mutate with each copy of the code. The algorithm becomes difficult to recognize over time and harder to decrypt.

Mix Networks

This is a way to hide one’s traffic in a network by combining the traffic of multiple computers into one channel that is sent between multiple computers.

Access Management

Who can access the restricted data

Access control lists

Access control lists restrict unauthorised individuals, devices or services from accessing information.

Sophisticated access management

Restricts access based on more specific things like the user’s location, the time of access, the type of device being used etc

Least Privilege

The concept of granting individuals the lowest possible access rights that they need to complete tasks.

Role-based access controls

Access to information is granted to users based on their role/team in the organization rather than them as an individual.

Hybrid role-based and user-based controls

Common approach in an organization which blends the role-based access control and user-based access control.

Single Sign-On

SSO allows access to resources across different platforms by using just one ID and password. (think Microsoft and Google)

Federated Identity Model

With this method, a person’s identity is verified by a centralized service.

Remote Access and BYOD

Remote Access and Bring Your Own Device allow employees to access restricted resources on their own devices however this risks revealing personal information from the employee’s device.

Authentication

This is a process where you are validating someone’s identity and making sure they are who they say they are.

Four categories for authentication

1. Something you know (username or password)

2. Something you are (voice recognition)

3. Something you have (tokens, keys, ID badges and smart cards)

4. Where you are (Physical location that matches the expected location.)

What is “Identity”

The link between a piece of information and the individual or individuals associated with that data. Identity captures what we know about who that individual is.

What is “identifiability”

Identifiability is the extent to which a person can be identified.

What is the issue with having ‘High Identifiability’

This may put individuals at higher risk of tracking and identity theft.

Labels

These are characteristics that point to an individual. These can be precise, as in a name, or imprecise, such as with an attribute, depending on the context.

Identifier

These are codes or strings used to represent an individual, device or browser.

What are qualities of a strong identifier?

• No two people have the same identifier, unique for each person

• Think credit cards, passports and identification cards

What are qualities of a weak identifier?

• May belong to more than one individual like first name

Why is it a good idea to restrict data privileges to ALL employees including C-Suite?

Reduces the risk of them accessing or being tempted to access information they shouldn’t. Or in the case that their account is compromised, they already won’t be able to access confidential information.

Multi-Factor Authentication

A way of authenticating one’s identity by requiring more than one method of authentication

Domain Based Message Authentication Reporting and Conformance (DMARC)

DMARC is an email authentication, policy and reporting protocol that protects a domain from being used in phishing emails, spoofing, and other email scams and cyberthreat activities. If an email passes authentication, then it will be delivered and can be trusted; if not, the email will be quarantined or rejected

Digital Rights Management

DRM ensures digital content (including video games) is only delivered to those authorized to receive it. It can also limit what assigned users can do with the content. For example, a person may be permitted to read a document, but not allowed to modify it.

Quasi-identifies

Quasi-identifiers combine data with external knowledge, such as publicly available information, to identify an individual. Such as debit card account numbers.

De-identification

One of the primary techniques used to prevent an individual’s identity from being connected to their personal information.

Pseudonymization

Data is pseudonymized by replacing individual identifiers (such as names) with numbers, letters, symbols, or a combination of these, such that data points are not directly associated with a specific individual. 

Difference between pseudonymized and anonymized data.

Unlike anonymized data, pseudonymized data can be restored to its original state as long as the relationship between the original identifier and the pseudonym is documented.

Anonymized

In anonymized data, direct and indirect identifiers have been removed, and mechanisms have been put in place to prevent reidentification. 

Tokens

Tokenization, an example of pseudonymization, is a system of deidentifying data which uses random tokens as stand-ins for meaningful data.

K-anonymity, l-diversity and t-closeness

These are techniques that have been developed to reduce the risk of data anonymity being compromised by someone who might combine it with known information to make assumptions about individuals in a data set. 

K-anonymity

The creation of generalized, truncated or redacted quasi-identifiers as replacements for direct identifiers, such that a given minimum number (“k”) of individuals in a data set have the same identifier. 

L-diversity

builds on k-anonymity by requiring at least “l” distinct values in each group of "k" records for sensitive attributes. 

T-closeness

This further extends on l-diversity by reducing the granularity of data in a data set.