You carefully configure your privacy setting, scrutinizing every possible aspect that may render your social media account susceptible to data compromises. In an era of malicious software and international hackers, does being careful on your side ensure immunity for your business and resistance to all forms of intellectual theft and data leakages?
The recent Facebook scandal has shows us that this is not the case.
Just last month, Facebook came under fire in their tacit compliance to data manipulation by engaging in data harvesting. Cambridge Analytica, a political data firm employed by president Trump’s 2016 election campaign, used the platform to harvest millions of Facebook profiles to micro-target voters in the US presidential election. Cambridge Analytica did so by creating psychological profiles on the users who have downloaded their personality prediction app. Meanwhile, Cambridge Analytica was also able to harvest the data of those within the network of the downloaders, extending their reach for data mining.
Zuckerberg has claimed ignorance about the implications of data harvesting on swaying elections. However, with criticisms coming from within the tech arena, such as from Apple’s Tim Cook and WhatsApp co-founder Brian Acton, Facebook appears to be isolated in the storm. Since then, Facebook’s shares have plummeted by 16 percent within 2 weeks after the exposé.
In fact, Facebook’s case is not a stand-alone incident. Within a 10-year period of 2008 to 2018, the increase in Facebook and Twitter-related crimes has amounted to a whopping 780 percent.
During the scandal, what Facebook essentially did was data harvesting, sharing your data with unrelated third parties. Users whose data was collected by Cambridge Analytica may have legal claims against Facebook. However, Facebook’s policy protects it in such situations. Facebook’s platform policy states that developers must “obtain adequate consent from people before using any Facebook technology that allows [them] to collect and process data about [the users]”. Moreover, third-party developers like Cambridge Analytica is bound to Facebook’s platform policy, to “indemnify and hold [Facebook] harmless from and against all damages, losses, and expenses of any kind (including reasonable legal fees and costs) related to any claim against [Facebook] related to [Facebook’s] service, actions, content or information”.
What does this signify? This shows how the use of our data is inevitably beyond our control. Nevertheless, this does not disempower you from protecting your data as much as possible. What can be done?
1. Configure your security setting
Under “Settings”, click on “Security and Login”. From there, you’ll be able to identify where your account is being logged in at the moment, and immediately exit any session that’s operating under a third party. If this occurs, the password must be changed to limit further breaching of security.
2. Be stringent about admin access
Reserve page administrative privileges to a distinct few in your business. When access is given to peripheral contributors of your page, such as the freelancers, interns and developers, be sure that administrative privileges are minimized to the basic ones. Staff that have left the company should also be removed upon their departure, to prevent unauthorized changes to your page.
3. Limit work to company computers
Discourage your staff from logging into your corporate Facebook account from their home computers, or worse, on public computers. This is to ensure that all private and confidential information lies within a controlled domain. Moreover, it would reduce the drastic consequences of staff forgetting to log out of the account.
4. Leverage Facebook’s 2-step authentication for extra security
Setting up a 2-step authentication adds an extra layer of protection in addition to your password. When your account is logged in through a computer that is not recognized by the system, the system would request for a special security code. These unique codes could be text messages codes sent to your mobile, a security key on a compatible device, or security codes from a third-party app. With these implementations in place, a hacker without your handphone or compatible devices would have little option but to give up despite possessing knowledge of your password.
5. Create strong and secure passwords
Despite having a 2-step verification in place, it would be wise to maximize security with a strong and secure password. This would be a creative assemblage of numbers, upper and lowercase letters, and symbols. Avoid creating passwords that bear associations with the company, or have personal connections with the staff using it.
6. Monitor your page
While your page enables visitors to post public reviews and feedback, be wary that such avenues present risks that could compromise your company’s reputation. Monitor all posts and reviews on your page on a daily basis to prevent spam or malicious links that may be posted by visitors or bots. This safeguards your reputation and keeps the page welcoming and proper.
It seems that data mining is the inevitable price that comes with free and effective services like Facebook, and the necessary consequence of living in a highly-interconnected web sphere. It doesn’t help to know that our very existence in the society allows data to be collected through programmes run by the biggest technology companies that can follow us around the web (i.e., Amazon A9, Google DoubleClick, and Verizon Oath), collect information about our public and private lives (i.e., Oracle Data Cloud (Datalogix), and gain insight to our credit and financial resources (i.e., Experian, Equifax Workforce Solutions, and CoreLogic SafeRent). However, with conscientious effort and utmost care, it is possible to draw the line between data mining and more malicious ramifications such as intellectual theft, hacking and hijacking.