Accountability in Security Starts with Leadership Practices
Handling people’s data is a serious responsibility. Karen Meohas, xMatters information assurance manager, writes that it requires sound legal and technical practices, leadership support, and total transparency. In this article, Karen explains how xMatters drives accountability in security.
In today’s digital world, being accountable means much more than just being responsible for something. Accountability means you’re able to show how you’re responsible for what you do. For us here at xMatters, that means how we’re handling people’s data.
What is Accountability?
While there are many definitions for what it means to be accountable, the preferred definition from the International Association of Privacy Professionals (IAPP) states that accountability is:
“The implementation of appropriate technical and organizational measures to ensure and be able to demonstrate that the handling of personal data is performed in accordance with relevant law….”
This definition shows that leadership practices are a key component of accountability. Data governance and privacy professionals need support from top management to implement the necessary policies, processes, technical requirements, and organizational controls. With that support, they should produce a consistent program that achieves industry-recognized certifications, compliance, and market recognition.
The digital buyer’s perspective
It’s well known that excellent product performance gives digital buyers confidence to say good things about the products and services they trust. But now, more than ever, accountability also drives digital buyers to talk about the vendors of these products and services – in both positive and negative ways.
This external demand for vendors to be accountable for the data they process is the driving force behind stakeholder buy-in. However, recently it seems that everyone is a data privacy professional. That is, digital buyers won’t ask about your data policies; they’ll expect you to have something to say about them. Being transparent – from top to bottom – supports this data governance posture.
Accountability at xMatters
This is exactly the approach we have taken at xMatters. We have an Information Assurance (IA) portfolio that aligns with our corporate strategy and goals, top management has a seat at IA steering committee review meetings, and our framework is publicly available on our website.
We recently created the xMatters Trust portal with the objective to be transparent and showcase how we manage and secure our clients’ data throughout its lifecycle. Security controls and downloadable resources are now available, as well as Privacy Compliance reports and information on how we manage this specific framework.
Where do we go from here?
Making accountability meaningful when building policies, creating new technologies, or announcing cutting-edge research will make everyone’s job easier in the future. Privacy by design is no longer enough to underpin today’s digital governance requirements. Instead, the new focus is on accountability by design.
Experience accountability in security for yourself by trying xMatters for free for as long as you like.