Standards to secure digital trust

Share this article

digital trust

Digital trust is the confidence users have in the ability of people, technology and processes to create a secure digital world.

Digital trust is given to companies who have shown their users they can provide safety, privacy, security, reliability, and data ethics with their online programs or devices.

Beyond mitigating data privacy issues, digital trust leaders are also 2.1 times more likely to mitigate data retention risks. Having trustworthy data allows companies to use their data wisely to make informed decisions in response to their present state, the marketplace and current or anticipated concerns.

Failures related to digital technologies, from artificial intelligence to connected devices, from the security of personal information to algorithmic predictions, have eroded confidence at an unprecedented scale and rate. Surveys have also registered a decrease in trust in science and technology, a trust gap that is growing year on year, just as reliance on digital networks and technologies is accelerating.

The European Union’s upcoming General Data Protection Regulation (GDPR) will affect every organisation around the world that handles personal data for EU residents. The regulations will also inform data protection laws and corporate trust-building strategies elsewhere.

The UK government is developing a ‘digital identity and attributes governance framework’ for the future use of digital ID. The framework is part of a project to create a digital ID process that can be used as an alternative to physical ID such as passports or bank statements.

Planned government legislation will aim to create a digital ‘trust framework’ to oversee a robust accreditation and certification process by which organisations can prove their adherence to the rules of the trust framework; enable a legal gateway between public and private sector organisations for data checking and establish the validity of digital ID.

The government has highlighted that these measures would be relevant to legal processes that involve situations where proof of identity may be required multiple times.

The framework maps out standards and requirements that organisations must follow when using digital ID, including: having a data management policy that explains how they create, obtain, disclose, protect and delete data; following industry standards and best practice for information security and encryption; telling users if any changes have been made to their digital identity; having a detailed account recovery process where appropriate and notifying users if someone is suspected of fraudulently accessing their account or digital identity and following guidance on how to choose secure authenticators.

For guidelines around establishing digital trust, ‘Earning Digital Trust: Decision-making for Trustworthy Technologies’ presents an interdisciplinary view of what digital trust requires and how to make trustworthy decisions regarding the development or deployment of new technologies and digital services.

Existing standards and frameworks related to digital trust include:

ICO guidance on qualified trust service providers (QTSP)

ISO/IEC 27001:2017

NCSCs Cyber Assessment Framework (CAF)

NIST Cybersecurity Framework

ISO/IEC 27001:2013  Security techniques, Information security management systems requirements

Related Posts
Others have also viewed
Hydrogen installation at Equinix Data Center

Powering AI means rethinking the grid not replacing the generator

The rapid expansion of AI infrastructure has exposed an uncomfortable truth. Building larger data centres ...

Formula One is becoming the proving ground for enterprise AI

Artificial intelligence is no longer confined to helping Formula One teams analyse race data faster. ...

AI is redefining what sustainable infrastructure looks like

Artificial intelligence is changing more than the scale of data centres. It is also reshaping ...

Healthcare is discovering that AI depends on infrastructure

The rapid adoption of artificial intelligence across healthcare is drawing attention to a less glamorous ...