Your personal Tumblr journey starts here
As reflected by our year of high traffic social media platforms, large scale company hacks, and increased amount of data, security of that data has become a top priority in tech. Defrag had a series of break out sessions that featured security. Hot topics highly discussed this afternoon have included the slippery slope of "who owns your data?" presented by Lorinda Brandon from SmartBear, "what's in your trash" explored by Rory O'Rouke, and online security challenges revealed by Rami Essaid of Distil Networks.
The biggest lie on the internet, according to Brandon, is that "you read the Terms Of Use". Let's be honest, we all quickly check the "read" box, and do not bother to even open the privacy policy. Why? To even understand the ramifications of what you are agreeing to would take hours and still be missing details. Brandon shared her hours long experience picking apart Samsung's privacy policy and found that Samsung "Share(s) information for purposes of business and ecosystem". Our data and how businesses use it for their own profitable benefit can be unclear. As innovators in tech it is necessary to be mindful of other's data and be transparent with users.
Bounce.io utilizes digital waste by finding treasure in trash, taking data on what kinds of emails "bounce back" to a user and why it was kicked out. A cool idea O'Rouke of Bounce.io mentioned was a user comparing emails in their spam about penny stocks to the actual performance of that penny stock in the market. If information about a stock ends up in your spam, does that indicate that the stock is a poor investment.
2014 has been filled with a "storm of security attacks" as pointed out by Essaid with the security hacking of Target, Sears, and Home Depot. Unfortunately, hacking has become a profession where it pays to be bad; easy, cheap, low risk, and a big payoff. One of the biggest factors that companies are missing is the idea of prevention accompanied by a plan for reaction if an attack occurs. An attack is inevitable, as the data illustrates with the thousands of bots in existence, so not having a reaction plan is foolish. An interesting scenario Essaid pointed out your website may not be the one that is initially hacked into, yet another website's user names and passwords can be hacked and then bots use these stolen usernames and passwords to access your website's accounts.
How to get involved...
- Become aware of your data footprint and who shares your data
- Advocate for transparency about how companies use your data
- Check security settings on your social media
- If in the tech industry, ensure your company is prepared for security breach