6.0 Scalable and Composable Privacy-Preserving Analytics (cont.)
6.5.2 How?
• Anonymized (or de-identified) data safeguards the privacy of consumers while still making useful information available to marketers or data-mining companies.
• Establish a formal standard for privacy which addresses possible re-identification methods.
6.6 Incorporate awareness training with focus on privacy regulations
6.6.1 Why?
To avoid potential litigation issues in the future. An increasing number of laws and regulations require training and awareness activities related to privacy issues (e.g., the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH) in the U.S.). Awareness of these laws and regulations is critical.
6.6.2 How?
Implement awareness training focused on privacy issues and applicable regulations in each country.
6.7 Use authorization mechanisms
6.7.1 Why?
To secure applications in the infrastructure stack. Over recent years, attackers have shifted their focus from operating systems to databases to applications.
6.7.2 How?
• Apply secure software development best practices, like OWASP (owasp.org) for Web-based applications.
• Execute vulnerability assessments and application penetration tests on the application on an ongoing and scheduled basis.
CLOUD SECURITY ALLIANCE Big Data Working Group Guidance
© Copyright 2016, Cloud Security Alliance. All rights reserved.