Who’s Looking at Your Data?

Since the Bloomberg report that revealed that there is a team of Amazon workers that review audio clips to improve the system, attention is turned to other companies that are looking at your private data.
In 2017 Evernote gave its employees permission to read private notes in order to improve the experience. Even though they changed their mind and promised employees would have to request permission, this illustrates how easily Evernote could give can give its employees access and change company policies whenever it wants or needs.
Facebook has had its share of situations, like a bug that exposed private photos to app developers, giving employers access to read private messages in Slack, and the firing of an employee who was using his access to stalk women online in 2018.

CyberAttacks
The city of Baltimore has been partially paralyzed since 7 May, when a ransomware attack seized parts of the government’s computer systems.  The hackers used a ransomware called RobinHood — an extremely powerful and malicious program that makes it impossible to access server data without a digital key. Government emails are down, payments to city departments can’t be made online and real estate transactions can’t be processed.

More than 20 municipalities in the US have been hit by cyberattacks this year alone.  Defending against a determined, targeted attack demands defense in depth, and prevention is better than cure. That starts with ensuring that access to RDP (Remote Desktop Protocol) is secure and finishes with regular, comprehensive, off-site backups.

Legitimate Reasons for others to Examine Your Data:

  • Government requests
  • Quality assurance and customer support
  • Investigate reported violations
  • Training algorithms

Is End-to-End Encryption the Best Solution?
Due to the way the internet works, data is only encrypted when it’s sent between your devices and the company’s servers. And yes the data may be stored encrypted on that company’s servers—but that company has its own key.

One way to prevent this is with client side encryption or end-to-end encryption which is software you use to encrypt the data on your devices. This keeps your encrypted data on other company’s servers in a way that the company couldn’t access it. Your data would be yours. However, in many ways, this is less convenient; some automated services would not be able to perform their normal tasks, companies wouldn’t be able to improve their systems and if you lost your encryption key you wouldn’t have access either.

Best Data Mix is one part Planning with 3 parts Prevention:
Secure your company’s data with an end to end solution of prevention and planning. A custom system to fit changing needs that includes:

  • Education and Policies
  • Encryption and Password Security
  • Identity and Access Management
  • Recovery Strategy

The best practice is to create equal security measures for every member of an organization and adopt a culture of awareness for detection and prevention. 

Bonus:

Here is an article that shows you how to listen to and delete every command you’ve said to your Amazon device.  www.howtogeek.com/319299/how-to-listen-to-and-delete-every-command-youve-ever-given-to-alexa/

 

Acanthus Technology is a Full Technology Partner with MSP services to manage, monitor and maintain all things related to the needs of your modern business. - - - Make your workplace work for you!

WebSite Facebook Linkedin YouTube

Leave a Reply

Your email address will not be published.Required fields are marked *