Trust us, we’re professionals
DataSolutions got an overwhelming response when the distributor asked Irish IT decision makers recently whether they trusted social media providers to manage their personal data carefully. They didn’t. And it wasn’t just a simple majority of them, it was in the ‘electoral vote for the governing party in a totalitarian state’ league (98%).
But what the survey also revealed was that Irish IT decision makers are a pretty mistrusting lot. Perhaps that’s to do with their jobs and the fact that they probably know a bit more about data privacy and cyber security than most other people. Nevertheless, it’s still a concern when 87% of them don’t trust retailers to manage their personal data properly, 65% feel the same about government bodies, 63% distrust utility providers and 53% mistrust banks.
In fact, the only group a majority thought were trustworthy (and then only marginally so – 53%) were their own employers. That says something and it’s hard to view it as positive. They might, for example, be prepared to give their employer the benefit of the doubt in terms of cyber security that they wouldn’t give to an outside organisation. They could, possibly, be inclined to view their employer more favourably because it reflects on them personally as IT decision makers in the organisation.
Anyway, commenting on the findings, Dave Keating, security specialist at DataSolutions, says (quite rightly) that “when it comes to managing personal data, trust in most organisations is at an extremely low ebb and considerable work needs to be done to rebuild trust with users. With the frequency and volume of data breaches over the past several years, it is not difficult to explain the trust issues”.
At this point, I’d like to throw a couple of spiders in the bathroom and ask the question: who is responsible for the implementation and management of the IT infrastructure that has been the victim of those data breaches? Vendors, channel partners and IT decision makers. And who, exactly, is responsible for the IT and data infrastructure at retailers, banks and government bodies? Vendors, channel partners and IT decision makers.
So here’s a question: Are those vendors, channel partners and IT decision makers markedly different from those in other organisations? Is there something that makes them less competent when it comes to issues of data privacy and cyber security than their counterparts in other organisations? Or is that most of the high profile and very public instances of data breaches have, quite naturally, tended to be concentrated on retailers, banks and government bodies?
Going back to the 53% who believe their employers are trustworthy when it comes to data privacy and cyber security, could that just be misplaced confidence that some of them believe they’re doing a better job in their own workplace than their counterparts in other organisations? How do we know they’re right? Are they, possibly, blinded by their confidence in their own abilities compared to the 47% who don’t trust their own employer to manage their personal data properly?
Whatever the answers, the big problem here is that if so many IT decision makers don’t trust so many organisations to manage their personal data properly, who can you trust?