Tuesday, January 12, 2010

Be Careful How Much Data Your Employees Can Access

Gawker today has an account of why you shouldn't trust Facebook with your data. The post talks about how employees, equipped with too much access and loose internal controls on private data, have sometimes abused that data at the social media giant. One section of the post certainly resonated with me:
Sensitive data hoards inevitably attract attempts at unauthorized access. Whether it's hospital employees peaking at celebrity medical records or federal workers abusing their wiretap access 100 times in two tears (dubiously claiming it was an "accident"), people confronted with a pile of information feel compelled to start digging.
Sometimes it's important to trust employees with massive amounts of data but the key is to place strict controls over personal data and limit access to only select individuals with terms of use of that data. Facebook is lucky that this problem seems to be handled in house, but lax controls on employees like Facebook seems to employ leaves the company way to vulnerable for lawsuits should this information be abused in a way which harms the user. Tempting employees with unrestricted access leaves the company in this position.

1 comment:

  1. And a perfect example of that...

    http://www.theregister.co.uk/2010/01/12/google_leaks_small_business_traffic_stats/

    ReplyDelete

Stat Counter