CIO Insider

CIOInsider India Magazine

Separator

Users up and against Facebook's Data Security

CIOInsider Team | Friday, 25 October, 2019
Separator
CIOInsider Team

It has been a year since the massive data breach that hit Facebook exposed the private information of its 30 million user accounts. Following days of the attack revealed the details of vulnerabilities that trailed to the data breach. In July 2017, Facebook had its security vulnerabilities concealed in two features, ‘View As’ and a bug in video-uploading feature for birthdays. This made attackers to siphon off tokens across 30 million accounts. Access tokens were a door to the platform and other apps, thereby getting the third party account and privacy information.

Facebook has single sign-on service that allocates users to login to other platforms, sites, and applications that where also vulnerable point for

hackers to peek into. It was not just a security pitfall of the SSO, but a wisdom of the complexities associated with the revoke of access to third-party services once the account is hacked. Moreover, other security issues that pertain with the SSO are the increase in phishing attacks. As the social media giant grew and explored ways to monetize the platform, the use of user data and information for business purpose unfolded the enterprise model development in the scenario. With the ever increasing user base, business page, and linked applications, Facebook announced to bring in advanced privacy controls and policies in the wake of controversy that started emerging. The company’s porous data policies also drove developers in number to the platform at the tipping point. Facebook had to confront with its revenue sources by adding a team for monitoring the misuse of data. The company has rarely lived up to the pronouncements that were made with regard to the data security measures, while being hesitant in curbing data collection that is exploited by third-parties.

After the Cambridge Analytica Scandal, Facebook backpedalled from the implementation of GDPR compliances opened the door for other controversies regarding the democratic use of the social media platform. The fundamental questions of transparency and trust put the platform in a shady light for the failures in informing its users. Later, Facebook’s market cap shed over nearly USD 120 billion in a single day after a stagnant in user growth in North America, and Europe. Following the steps to avail users with a choice to opt-out, if necessary, from Facebook collecting “specific user data”, it resulted in the revenue descending for the company. As a series of failures in private data security hits the social media giant, it has become clear that something more drastic needs to be introduced to compact data harvesting and misuse. The question remains unanswered to whether Facebook will ever drive a genuine change in its data security policies or not.

Current Issue
VKRAFT Software Services: Pioneering Innovation In Integration & Beyond