I've made the point of numerous occasions here on my Windowsecurity.com bog that security and privacy is not the same thing. The most obvious example is virtual private networking (VPN). Many people think that deploying a VPN is a security solution. The fact is that this isn't necessarily true. A VPN provides for privacy, but intruders can hack into your network over a VPN and do it privately. On the other hand, you could use an advanced firewall and VPN server, such as the Microsoft ISA Firewall, and have both privacy and security for VPN connections.
Organizations who realize this often have different people dedicated to security and privacy concerns. The problem is that many of these companies lack a close association between the two groups, this can end up reducing both privacy and security for the organization.
In an article by Tom Gemmell, Principle Privacy Program Manager at Microsoft, he discusses these issues in Security and Privacy: Twins of Different Mothers at http://www.microsoft.com/technet/community/columns/secmgmt/sm0508.mspx
It's an interesting and thoughtful piece, so check it out!
Thomas W Shinder, M.D.
GET THE NEW BOOK! Go to http://tinyurl.com/2gpoo8
Email: [email protected]
MVP - Microsoft Firewalls (ISA)