Genetec has shared a comprehensive set of data protection best practices to help physical security leaders protect privacy, safeguard data, and enable trust without compromising security. This initiative comes as a response to the escalating importance of data security in an increasingly interconnected digital landscape. By prioritising privacy, organizations can effectively contribute to a safer digital and physical landscape for all.

“Organisations should never have to choose between data privacy and security. By equipping physical security professionals with these essential strategies, Genetec is spearheading a paradigm shift towards a more resilient and trustworthy security ecosystem. It is an ongoing process, and organizations should regularly update protocols, stay informed and continuously educate their teams on best practices”, said Firas Jadalla, Regional Director – Middle East, Turkey and Africa (META) Genetec.

Genetec recommends organizations ensure their security systems respect data privacy by:
Collecting and Storing Only What You Need: A fundamental rule of data security is to collect and store only essential information. The potential impact of a security breach can be reduced by minimizing stored data. It’s important to regularly review and audit data and dispose of unnecessary information responsibly.

Limiting Access to Sensitive Data: Enhancing data security involves restricting access to sensitive information. Genetec recommends implementing data-sharing best practices, such as removing personally identifiable information to safeguard individual privacy. Techniques for anonymizing personal information while retaining its utility include:

1. Randomisation by adding noise to numerical values such as an individual’s age or income)
2. Pseudonymisation such as replacing names with unique identifiers
3. Tokenisation such as replacing credit card numbers with tokens that have no direct correlation to the original numbers
4. Generalisation such as converting exact birthdates to age ranges
5. Data masking shows only the first few digits of a phone number

Ensuring Privacy without Compromising Evidence: By making use of technologies such as KiwiVision Privacy Protector, organisations can automatically anonymise images of people, so they can continue to survey surveillance footage while respecting privacy. This technology also offers an additional layer of security that ensures only authorized users can “unlock” and view unmasked footage while maintaining an audit trail.

Being Transparent and Getting User Consent: Building trust through transparency and user consent is essential. It’s important to communicate with users about the data collection process, promoting informed decisions. Organizations should also gain explicit consent before collecting and processing data.

Choosing a Reliable Data Storage Provider: Organisations should select a data storage provider carefully, ensuring a clear understanding of data storage, handling, and sharing practices. If using third-party services, organisations should demand strong security measures and reliable data handling practices. Establish who “owns” any data stored in the cloud, and any rights/privileges associated with the use or disclosure of any information.

Establishing Strong Policies: To ensure long-term data safety, Genetec recommends putting in place robust policies across the organization. Enforcing a transparent chain of custody through technology, such as a Digital Evidence Management System (DEMS), ensures accountability and traceability at every stage of the data lifecycle.