Genetec has shared a comprehensive set of data protection best practices to help physical security leaders protect privacy, safeguard data and enable trust without compromising security.
This initiative comes as a response to the escalating importance of data security in an increasingly interconnected digital landscape. By prioritising privacy, organisations can effectively contribute to a safer digital and physical landscape for all.
“Organisations should never have to choose between data privacy and security. By equipping physical security professionals with these essential strategies, Genetec is spearheading a paradigm shift towards a more resilient and trustworthy security ecosystem. It is an on-going process, and organisations should regularly update protocols, stay informed and continuously educate their teams on best practices,” said Firas Jadalla, Regional Director – Middle East, Turkey and Africa (META) Genetec.
Genetec recommends organisations ensure their security systems respect data privacy by:
1. Collecting and storing only what you need:
A fundamental rule of data security is to collect and store only essential information. The potential impact of a security breach can be reduced by minimising stored data. It’s important to regularly review and audit data and dispose of unnecessary information responsibly.
2. Limiting access to sensitive data:
Enhancing data security involves restricting access to sensitive information. Genetec recommends implementing data-sharing best practices, such as removing personally identifiable information to safeguard individual privacy. Techniques for anonymising personal information while retaining its utility include:
- Randomisation (adding noise to numerical values such as an individual’s age or income),
- Pseudonymisation (such as replacing names with unique identifiers), tokenisation (such as replacing credit card numbers with tokens that have no direct correlation to the original numbers),
- Generalisation (such as converting exact birthdates to age ranges),
- and data masking (showing only the first few digits of a phone number).
3. Ensuring privacy without compromising evidence:
By making use of technologies such as KiwiVision Privacy Protector, organisations can automatically anonymise images of people, so they can continue to survey surveillance footage while respecting privacy. This technology also offers an additional layer of security that ensures only authorised users can ‘unlock’ and view unmasked footage while maintaining an audit trail.
4. Being transparent and get user consent:
Building trust through transparency and user consent is essential. It’s important to clearly communicate with users about the data collection process, promoting informed decisions. Organisations should also gain explicit consent before collecting and processing data.
5. Choosing a reliable data storage provider:
Organisations should select a data storage provider carefully, ensuring a clear understanding of data storage, handling and sharing practices. If using third-party services, organisations should demand strong security measures and reliable data handling practices. Establish who ‘owns’ any data stored in the cloud, and any rights/privileges associated with the use or disclosure of any information.
6. Establishing strong policies:
To ensure long-term data safety, Genetec recommends putting in place robust policies across the organisation. Enforcing a transparent chain of custody through technology, such as a Digital Evidence Management System (DEMS), ensures accountability and traceability at every stage of the data lifecycle.