Podcast: Integrating Privacy Practices into the Software Development Life Cycle

This week Kim Howell, Director of Privacy Governance in the Microsoft Trustworthy Computing Group, and Ralph Hood Lead Program Manager for the Security Development Lifecycle (SDL) in Microsoft Trustworthy Computing Group. Participated in a podcast on “Integrating Privacy Practices into the Software Development Life Cycle,” with the Computer Emergency Readiness Team (CERT):

Integrating Privacy Practices into the Software Development Life Cycle

December 22, 2009
Featuring Ralph Hood Kim Howell and Julia Allen

Clearly security and privacy are closely linked when it comes to protecting information, yet when it comes to software development, privacy hasn’t yet pulled the same profile as security. As is the case for security, privacy is most effectively addressed when privacy practices, roles, responsibilities, and review approvals are integrated into your existing software and security development lifecycle. This helps ensure that privacy is at the forefront of developers’ minds as they execute each lifecycle phase. In this podcast, Ralph Hood and Kim Howell, both with Microsoft’s Trustworthy Computing Initiative, will discuss Microsoft’s top ten privacy practices and how they have been integrated with their security development lifecycle (SDL). Ralph is a lead program manager on the SDL team and Kim is a director in the Privacy group.

Download:
full conversation (17:27)

· Keeping Privacy at the Forefront; Collect Only Essential Information (6:54)

· Minimize Collected Data; Prevent Unauthorized Access (5:08)

· Gain Parental Consent; Ensure Privacy in the SDL (5:29)

Additional Materials
Show Notes
Transcript(pdf)