Privacy commissioner convenes panel on data security

Share this article:
Should security standards for cloud computing be codified? There was broad general support for establishing high standards of data security at a public forum convened by the office of the privacy commissioner, but most respondents do not feel that the government should take the lead.

Eleven written submissions were received, and a number of people participated in the public forum held in Calgary.

On the topic of data safeguards, there was unanimity that it was one of the most important issues surrounding cloud computing. Many noted that mandatory security breach notification would help provide transparency about the practices of various types of cloud computing providers.

Respondents noted that both public and private cloud providers present security challenges. While it's a given that consumers have less control over security within a public cloud, the private cloud requires safeguards, as well.

During the public dialogue portion of the forum, panel members agreed that consumers need more, and better, information to enable them to choose a provider. Within an enterprise model, organizations also need guidance to determine what they can demand from a provider and what they should expect.

As a result of the forum, the privacy commissioner drafted six proposed actions, which include: encouraging the Royal Canadian Mounted Police to reach out to the private sector on data security and identify theft measures for consumers; urging organizations to develop security standards; conducting additional study into the management of personal information; and developing education initiatives for individuals who use cloud services.

Further input is also being requested regarding work that cloud providers are undertaking, on security issues related to a hybrid public/private cloud model, and on the suggestion that government draft security standards.

The report on the public forum can be found here.

Share this article:
close

Next Article in SC Canada

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

More in SC Canada

Almost 40 percent of Canada's Justice Department duped by phishing

Almost one in four employees at Canada's Justice Department fell prey to internet phishing in an exercise last December.

Microsoft wavers on Canadian spam fears

Microsoft has reconsidered a move to cease security emails in Canada, following the introduction of an anti-spam law north of the border.

Underinvestment, poor communication plague Canadian cybersecurity

Canadian cybersecurity is languishing due to poor communication and disappointing security investments, according to research from the Ponemon Institute.