Understanding Your Corporate Security and Employees
A common error with most organizations is that what they do is exempt from all other issues in regard to security. The fact is that cybersecurity has a lot to do with the way the public perceives an organization. The fact is that the way your employees use customer records can have a huge effect on the way your data is used including business friendly or malicious attempts to manipulate data for theft or identity theft. It’s a signal that should be considered when employers hire someone who can see private data including private data that could be used for malicious intent, even if it should not be intended for malicious purposes such as identity theft.
Facebook is under scrutiny for such the same type of access when its security engineer was fired after it was revealed that this person exposed information that let users stalk women. This goes against all the public policies that Facebook has always said it tries to go against.
It goes to show that the way Facebook handles public data breaches is far different than other corporations. Inappropriate data handling regardless of the country is becoming toxic. The way a corporation handles private data sent from a customer and then handled from the corporation, including storage or how the corporation distributes or discloses information is the difference. It’s important for corporations that rely on private information and sensitive information of their customers and employee data to protect that data at all costs.
This is exactly what happened to Facebook who fired an employee that exposed private information that should not have been exposed to the public. But apparently, this Facebook employee exposed this information unknowingly and had crucially put many customers at risk, a problem for many organizations that hold private data and do not have the resources or the IT staff to protect from this type of attack.
Facebook has much of the public eye and the public scrutiny of what could be a problem for the public that does not want to give up their personal information. Even if it is information that would otherwise be available, should the user and the corporation decide to use information for monetary value even if it is innocently stored? This could be used for malicious intent such as the Cambridge Analytics situation where data was used and stored for what seemed like an innocent venture but was later seen as one of the biggest data breaches of all time.
The Facebook data breach was seen as one of the worst issues of all time, but most CTO and CIT management people can fight against the issue of privacy and security and cannot ever fight against the problem of security. For corporations that want to fight the issue of privacy and the issue of sending private information across the Internet, this can be a problem for any corporate.
As with any cybersecurity issue, you need to take the right precautions. One of the best ways to do so is to automate certain tasks that are highly prone to human error. Some examples include:
- locking unattended computers
- short passwords
- password sharing
- phishing attack susceptibility
- unintended data leak
See GateKeeper proximity access control in action.
Take a self-guided tour of how your proximity-based access control can work.