You cannot always have both Security & Privacy. But with SmartSignin, you can!

Lets start by defining the two terms. Online security refers to how your information is protected from cyber criminals. On the other hand, online privacy ensures that your information is not available to anyone without your explicit permission.

Many people equate security with privacy. They are inter-related but can the terms be used interchangeably. Having a secure platform doesn’t mean that users’ data is kept from the hands of those who operate the platform. In this sense, the platform would be secure, but wouldn’t award privacy to its users.

Think about this situation: When you are on the phone with your credit card company, they ask you to provide personal information you wouldn’t normally give to a stranger. They do this for the sake of security, ensuring that you are not trying to impersonate someone else or vice versa. This assurance of security implies a loss of privacy, with regards to the credit card company.

The controversy in the United States over the TSA is a great example of the “security vs. privacy” dichotomy. Many Americans quote Benjamin Franklin on this to share their sentiment on the situation: “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.”

Now lets use a popular web app as an example: Facebook. One of Facebook’s security features is social authentication. If more than one login attempt is detected, Facebook requires that you correctly identify pictures of your friends on Facebook to get access your account. This helps protect and secure your Facebook account from being hacked by intruders. On the other hand, Facebook has been constantly accused of abusing the privacy of their users, most of whom are not very internet-savvy. An example of a breach in privacy would be Facebook’s “Like” button on external sites. Even without clicking the “Like” button, Facebook is informed that you visited the site. This is a clear invasion of privacy.

Security obviously has its merits: It makes sure that your personal and sensitive information doesn’t fall in the wrong hands. However, it’s naive to think that security will protect your privacy. A business that does not use security barriers that sufficiently protect its data will eventually succumb to a privacy breach. But even if a business does have the best security controls, they may not have a privacy policy in place that protects employee or customer data. For example, a digital marketing business may have the security tools in place so that their network is not hacked. But they may be collecting, tracking and then sharing their customers’ data with third parties without any explicit permission from the customers.

When you subscribe to a web application or use a SaaS app, do you read the Privacy policy? If your answer to this question was “No,” then you should definitely take a peek! Within the privacy policy, the vendor will tell you who has access to your private data and what they do with the data. If the privacy of your company, customer, and employee data is important, you must ensure that your privacy is shielded as well. Look at Google Docs, for example. Because of the unification of Google’s privacy policy, Google now has the right to access and make derivative works from documents you maintain in its repository. It may not use that right, but the fact that it’s present should be unsettling enough.

With the increase in security breaches and new ways to collect private information, privacy and security are hot topics in our highly digitized world.

It is now more essential that businesses have privacy and security policies in place. Understanding the difference between the two can help create clear messages about both how data is used and kept within a secure environment.

With the rising popularity of cloud computing, SaaS applications, and BYOD, the need for a Cloud identity solution to manage users’ passwords and their access to applications from within the enterprise and in the cloud is even more crucial for cost savings and business agility.

Still, many companies are hesitant to adopt Identity as a Service (IDaaS) or Identity & Access Management as a Service (IAMaaS). The reluctance comes from discomfort in outsourcing critical identity data to an external vendor’s servers. This can create problems with regard to privacy and data confidentiality, and it can even lead to non-compliance to Government regulations.

Unlike our competitors, we at SmartSiginin are proud of the fact that we cannot access your credentials or data. Your keys to access all your accounts remain under your control. Our patented algorithm enhances security and privacy and ensures there is no single point of failure. Your security and privacy is always protected!