Dustin Andaya, Island Rose’ Marketing Director was invited to the annual CIO Roundtable. Joining the editorial staff of Computerworld and 42 IT executives, Dustin Andaya took part in discussing different IT issues in roundtables. Each roundtable discussion spanned strategic IT investments, continuous availability, open source in the enterprise, IT in SMEs, state of Philippine IT education, Internet security, IT in government, IT recruitment, measuring the value of IT and maintaining the privacy of customer data.
Below is a part of the article written by Computerworld Philippines Staff. This is published in Computerworld Philippines December 2007 issue.

The Right to Privacy

Keeping customer data private and secure is a challenge that any company, regardless of industry, has to address. While various technologies have long been available to protect vital customer data, companies that currently have or are headed towards having an Internet-based business component are exposed to an entirely new set of threats to their data.
At the 10th monthly CIO Roundtable, five technology chiefs from various institutions expounded on how maintaining customer privacy does not simply involve investing in appropriate technology but also developing a comprehensive data privacy strategy that involves issues like education, policies and procedures, and enforcement and compliance.
“Our business has certain unique needs, since we cater to clients in financial services, and there are certain regulations involved like the AMLA (Anti-Money Laundering Act) that we have to observe,” said Edgardo Lim, vice president for information systems services of Generali Pilipinas. Lim said the information that they need to protect typically includes financial data such as credit information, bank account information, PIN numbers, sources of income, the income itself, and contact information. “One of the reasons why we are not online is the sensitivity of the information we deal with. While it may be easier to sell insurance online, the majority potential clients would not be comfortable giving out his information over the Internet.”
At the Philippine Stock Exchange, the focus is more on protecting confidential corporate information. “The users of our systems are mainly broker firms and we do publish their names, addresses, and telephone numbers on the website so that their customers can get in touch with them,” said Lito Averia, chief technology officer of the PSE. “Since we deal extensively with the public, a lot of the information in our system is actually within the public domain. On the other hand, an example of the confidential corporate information that we protect, would be the 201 information of employees – this falls under another class of information not made generally available to the public.
For Dustin Andaya, Marketing Director of Islandrose.net, it is the people inside the company that are critical to maintaining data security and privacy. “So you really have to hire people that you can trust because there are a lot of security measures that you can take to avoid hackers, in fact you can even hire companies to test-hack your site but the people that are handling, say the orders, it is really left to their discretion so you have to put people there that really know what they are doing and that know the value of the data,” said Andaya. He believes the biggest threat in internal.
Concurring with Andaya is Susan Perez, senior vice president for the management information systems division at Air Philippines Corp. “I agree because most information leaks would be coming from the people inside so we just have to keep reminding them about our policies regarding data privacy. That’s all we can do; you cannot put any hardware or software to prevent them from giving out information. It’s basically training and re-training because everyone has access to the reservations systems.”
Richard Bragado, IT manager of Southeast Asian Airlines, said that putting data recovery systems in place is important. “That is one way of protecting the data, and making it available only to the people authorized to access that data. In our business, we keep the data for our own internal use and, as a policy, do not make it open to the public.”

===

Always send high quality flowers. Philippine Cut Flower Corporation, owner and operator of Island Rose, specializes in greenhouse technology to keep its roses fresh and vibrant.  Send flowers to the Philippines through Island Rose and see the difference!