Topics In Demand
Notification
New

No notification found.

3 Ways to Build Trust into Technology
3 Ways to Build Trust into Technology

April 4, 2021

14

0

The recent implementation of privacy labels in Apple’s App Store have ignited a new wave of discussions over privacy concerns with technology applications. Users now have greater visibility into the type of data that is collected, who that data is shared with and how it is used. 

This new label system is not just a shift from lengthy and confusing privacy policies to accessible information for the layman, it’s an indication of a much bigger theme: the public’s changing expectations towards transparency and privacy. 

Consumers and businesses are both more aware of security and privacy issues than ever before, and the slew of cyberattacks and breaches in 2020 truly solidified the understanding of consequence if these things aren’t done right. Expectations are no longer just about how companies handle security and privacy, but how transparently they communicate those protocols. Companies and developers must adapt to these changes or risk facing backlash from users and regulators alike. 

Here are three things developers and companies can implement to build trust into their applications.

1. GO OPEN SOURCE

Applications that are open source inherently display greater transparency, which provides better insight on the inner workings of the app and allows the technology to speak for itself. Companies can always claim that their software does not collect personal data or share information with third parties, but the reality is that people are more skeptical of technology than ever before after countless scandals and breaches that occur every year. 

Making your platform’s code accessible allows outside developers to check that any security and privacy claims are met in reality. This practice of hyper-transparency can be taken another step farther with regular cybersecurity and code audits from security researchers and industry organizations for more in-depth analysis and certification. 

2. RETHINK YOUR SECURITY FOUNDATION 

Without a proper security foundation, many platforms not only struggle to implement modern solutions rapidly, but they will also be at an increasing disadvantage as cyberattacks become more sophisticated. Failure to engrain security at foundational level has led multiple companies, government and education institutions to effectively blacklist certain applications from use. Furthermore, poor security infrastructure can lead to a loss of development time and resources in the event that an application needs to remediate a major vulnerability or address privacy concerns .

A proper infrastructure overhaul is a huge undertaking, and many developers would need to backtrack or compromise on removing convenient features for better security. While many may not be willing or consider themselves able to do this, it’s important to keep an eye on the broader changing landscape. Cybercrime is expected to cost the global economy upwards of $10.5 trillion by 2025. 

3. IMPLEMENT ZERO TRUST 

It’s clear that there needs to be an overhaul in a lot of the ways companies and businesses operate in order to build a sense of trust with users. While the technical aspects of this — like implementing transparency through open source and security-first infrastructure — are important, it’s also critical to update the mindset and human-centric elements to safeguarding data and privacy. 

One effective approach and strategy is adopting a zero-trust framework, a security model that assumes that all data, devices, apps and users inside or outside of the corporate network are insecure by their nature and must be verified before being allowed access. This methodology employs stringent protocols and includes tools such as multi-factor authentication, end-to-end encryption, identity-access management, orchestration and other comprehensive system permissions and safeguards. 

The key component to zero trust is that it is a holistic strategy, involving both technical protocols as well as an overarching dynamic and hyper-vigilant mindset that is ingrained into how an organization operates and proactively defends against cyber threats. It requires a change in strategy at all levels of the organization, because one mistake by an employee can be exploited into a major cyberattack. Only a holistic approach that is based on infrastructures with these core principles can help meet the expectations of users and the cybersecurity challenges of the future.

Source: Built-in.com/Alan Duric


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


RohitKaul

© Copyright nasscom. All Rights Reserved.