Privacy commissioner convenes panel on data security

Share this article:
Should security standards for cloud computing be codified? There was broad general support for establishing high standards of data security at a public forum convened by the office of the privacy commissioner, but most respondents do not feel that the government should take the lead.

Eleven written submissions were received, and a number of people participated in the public forum held in Calgary.

On the topic of data safeguards, there was unanimity that it was one of the most important issues surrounding cloud computing. Many noted that mandatory security breach notification would help provide transparency about the practices of various types of cloud computing providers.

Respondents noted that both public and private cloud providers present security challenges. While it's a given that consumers have less control over security within a public cloud, the private cloud requires safeguards, as well.

During the public dialogue portion of the forum, panel members agreed that consumers need more, and better, information to enable them to choose a provider. Within an enterprise model, organizations also need guidance to determine what they can demand from a provider and what they should expect.

As a result of the forum, the privacy commissioner drafted six proposed actions, which include: encouraging the Royal Canadian Mounted Police to reach out to the private sector on data security and identify theft measures for consumers; urging organizations to develop security standards; conducting additional study into the management of personal information; and developing education initiatives for individuals who use cloud services.

Further input is also being requested regarding work that cloud providers are undertaking, on security issues related to a hybrid public/private cloud model, and on the suggestion that government draft security standards.

The report on the public forum can be found here.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in SC Canada

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

More in SC Canada

CSEC mishandled private communications, says watchdog

Canada's foreign spy agency mishandled information on private communications that it had collected by mistake, according to the most recent report by a government watchdog.

National Research Council breached

Canada's National Research Council has written to partner companies informing them of a breach of its cybersecurity systems.

Canadian ISP used In $83,000 cryptocurrency heist

A Canadian ISP has been identified as the source of a cryptocurrency hack that stole $83,000 over four months.