Technical Field
In general, the present disclosure relates to the field of data security. More particularly, the present disclosure relates to a method and system for digital privacy management.
Background Information
In modern enterprises, networked computing environments may include cloud-based storage and services, on-premises workers, home-based workers and independent contractors working off-site. Such complex computing environments pose a substantial risk both of internal and external attacks. In spite of these data security risks, it is commonplace for enterprises to fail to take adequate measures to prevent such attacks from occurring. For example, data may be stored as ‘clear text,’ clearly visible to potential attackers. Or, even if data is encrypted, the cryptographic keys are also stored on the same servers as the encrypted data. Neither approach is very secure. It is not surprising, then, that many enterprises have been victims of cyber-attacks, in which unprotected confidential information (credit card numbers, patient records, insurance data, etc.) has been stolen or compromised, even though the data was stored, presumably ‘safely,’ within the enterprise network. The costs of these attacks often include financial loss, productivity loss, and credibility loss that can be permanently damaging. There is a need to provide security beyond legacy architecture to protect against both external and internal attacks.