While in Australia we are working under the 2017 Notifiable Data Breach features of the Privacy Act; 1988. This did not prevent the Cambridge Analytics harvesting your data. In Europe where your data ended up there is the GDPR, General Data Protection Regulation; 2016. That didn’t help much either! We all lost information to Cambridge Analytica social engineering AI technologies.
This is about security carelesness.
Security credentials seem to be a problem for people to remember. So many mobile Apps and web services seem to want to help us out by using a service we already “trust”! We Just………
Do you trust Google to manage your security? Facebook security might be trustworthy but, they will not secure your data or that of your “friends”.
Natasha Stokes blog post in May 2017 here:
The answer to this question is NO! Or don’t use your primary account to logon to these services.Using an alias with no friends or associated content.
Security strategies for simplifying account access management;
- setup and alternate user for Google or Facebook ( it is simple to setup a a 2nd valid account on Facebook or Google)
- Use multi-factor authentication ( get an text message or email verification for all device logons > 30 days apart)
- Use a secure password strategy; a) “super secure” for financial impact sites; b) “business secure” for company accounts c) “user secure” for commonly used applications
- Implement a password management application to generate secure passwords and remember them using a “pass phrase” retrieval process.
Learnings
Social Media platforms are not designed to secure your data. They are setup to make money from your information. Don’t use them to establish trust relationships.