Privacy and Security: What’s the Difference?

Workspace desk with computer and accessories on it and the phrase Secure U overlaid

What’s the difference between privacy and security? They both sound good, right? Like things we should have set up already? Or maybe they sound like they are the same thing.

While security and privacy are connected, they are two distinct concepts. Understanding the differences can help you protect important information in the digital age.

The difference between security and privacy

Consider a window. It lets in sunlight, fresh air, and sometimes is used to enter or exit a space. In order to add “security” to that window, you could install locking shutters, bars or a grate, or sensors that are connected to a security monitoring system. To add “privacy” to the same window, one could put up curtains or blinds. Both allow the window to operate as necessary - it can still open, and let in light and air - but additional measures have been added to make it more secure (sensors) and to protect the people and things that one can see by looking into the window (curtains).

If we use the window analogy on something like banking information, you can see how additional “security” can make it more difficult for someone to access your accounts or data, and additional “privacy” would protect others from seeing your name or identifying information and other details like account numbers and balance. For systems (or windows) with inadequate security, the privacy of the information (or occupants) contained within a unit, is at risk.

Security

Privacy

  • How information (data) is protected at all stages

  • The right to keep personal information from being accidentally or maliciously disclosed, or from unauthorized access

  • Defines the “how” of protecting data

  • Defines the “who, what, and when” of protecting data

  • Sets up safeguards and controls to allow or restrict access to data, protecting from unauthorized disclosure, theft, alteration, or loss

  • Outlines the conditions under which information can be accessed, used, or shared

  • Establishes the method of protection for information

  • Establishes the right for information to be protected

Security and privacy work hand in hand to protect sensitive information in your lives and also at the University of Minnesota. The University of Minnesota has a robust policy library that defines the “who, what, and when” of privacy, and teams of employees dedicated to the “how” of security. Many different types of sensitive data are utilized, stored, and accessed every day at the University, such as medical information, student grades, admissions details, copyright material, payment reports, research findings, and much, much more. Through a combination of committed security professionals and sophisticated and ever-evolving privacy policies, the University of Minnesota is dedicated to be compliant with state, federal, and international laws to protect information appropriately.

Understanding the difference between security and privacy is one of the first steps for faculty, staff, and students to help with actively protecting such information everyday. However, there is always more we can do. Here are a few easy ways to increase your personal and professional security or privacy today:

Security

  1. Use VPN: VPN stands for Virtual Private Network, and allows you to connect to the University network while you are off campus. It encrypts the information that passes between you and the University while you are connected. A VPN network is necessary when you are connecting from a non-University Internet Service Provider, using unsecured WiFi, transmitting sensitive data, accessing restricted University resources, or want a secure connection. Learn how to download and connect to a University-supported VPN client.

  2. Use secure WiFi: Be wary of public WiFi. They are unsecured connections and you run the risk of having your personal information tracked or collected when browsing on unknown networks. Be especially careful when entering passwords or accessing personal and financial information online. Avoid using public computers when possible as well. Always search out a secure, known WiFi network, such as eduroam.

  3. Use two factor authentication: Use two-factor authentication wherever possible (like Duo Security at the University of Minnesota) to safeguard your accounts and info. Two-factor authentication combines something you know with something you have to ensure only you can access your data. Learn more at z.umn.edu/DotheDuo.

Privacy

  1. Share carefully: Review user agreements or privacy policies when using or registering for new services or apps.

  2. Check your privacy settings: Check out your Google accounts, social media accounts, and email accounts, and always be cautious about what you post and if it is “public” or “private.” There are often varying shades of privacy until you manually review all of your settings.