Why Your Business Requires Security

The States and Federal Identity Theft and Privacy Protection Laws now require businesses, agencies and organizations of all sizes to protect all personal information they store, and report to all their customers whenever a breach occurs. The financial ramifications after having a data breach can be very substantial to both present and future business. In some many cases a company never does recover from a breach and is forced to close down. Currently, the average cost on a company is $3.7M per incident.

Facebook Privacy – Whose fault is it?


Does Facebook have a privacy problem, or do we have an information shut-up problem?

Recently, the news has been reporting on Facebook having a privacy problem. While personally I might not like that they sell private info, they are not selling anything that doesn’t already show up on an account. With Facebook’s recent privacy statement and blocking button it still comes down to who’s at fault:

  • The social media and cloud based service companies for making public information viewable;
  • The third party spiderware and bots that can go into sites and collect the information made public; or
  • The individual who puts all their personal information into Facebook, MySpace, Twitter, etc. and thank it is private?

privacyFrankly, I say all three have to take ownership of privacy by safeguarding information. But the biggest offender has to be the individuals who give out all their personal information to whom ever asks. We all know that companies sell their databases, and we all know that their is software that can sniff out information and compile it. So maybe as individuals we need to learn to shut-up at to what we post and share. Here are a few suggestions to these three groups that may help reduce the risks:

Facebook and other Cloud  Services on Privacy:

These companies need to determine if requested information is really necessary to gather, and if they are willing to take the legal responsibility of collecting, storing and protecting of private information. Laws are being put into place that are trying to make companies the scapegoat here, and things are only going to get worst before they get better.

So here are some pro-active suggestions:

  • State your privacy highights up front and in clear english. Don’t use the lawyers. Save them for the long disclosure policy that no one reads.

  • Don’t hide your intent. Have a privacy statement that says either you do or don’t  share information.

  • Highlight what information will be made public. Similar to a site that adds an “ * ” when they require information on an electronic form, make the field the color red so people know what they are share is public.

  • Allow individuals to classify information as private that can not be sold, viewed or found (especially by the bots)

Data Spiders and Bots Reduce Privacy:

These have been out there for years. If they are gathering public information then that is what they are suppose to go. If they are breaking into secure drives and starage that is a totally different matter since that is a full data breach.

When you use some of these personnel background checking sites, for $49.95 you will be amazed at what data comes back. Sometimes you can gather SSN, driver license number, employee ID’s, etc. In many cases we have the US Government to thank for releasing this information thanks to the “Freedom of Information Act”.


  • Spiders do what spiders do. It is what a company does with the info. That is where the legal action has to focus on.

  • Companies can add more front door security to authenticate the individual. Using a smartcard and password manager from a company like Access Smart works or even a captcha

Individuals Protecting Their Own Privacy:

There is an old saying, “If you don’t want to see it on the 6-o’clock news, then don’t post it.” With this being an election year and all the slurs from what someone reports a candidate may or may not have said when they were 17, imagine what it might be like 10 to 20 years from now. Will those candidates find their opponent’s old Facebook, MySpace or YouTube videos and post to use that against them? So what are you posting today?

  • Always ask why a company needs marketing info. If in doubt, do give it.

  • Remember, what is placed on the internet, stays on the internet.

My recommendations to help with Privacy:

  1. Companies need to think more about the well being of their customers and not on multiple streams of revenue. The spiders are not going to go away, so company’s need to block the information they can gather.
  2. Is there such a thing as privacy, or did that go away after the invention of the telephone? Government needs to get out of the 19th century laws and try to at least move up to the latter half of the 20th. Going to the 21st century would be too difficult for politicians to think about. Their heads might explode.
  3. Just because a form or site asks for your information doesn’t mean you have to give it or you have to give the correct one. Was I really born in 1900, 1945, or 1965? Who really care? Remember the computer is really a stupid machine. It only spits back the info it was given. Hey “Garbage in, Garbage out”.

The Privacy Protection Laws are designed to force companies to protect non-public information from disclosure, but it has nothing to do with the public information you type on these social networks. So if you really want to safeguard your privacy, shut-up on what you put on the internet.

Comments are closed.