Would you delete your account if a social media provider misused your data?
With the Facebook scandal involving Cambridge Analytica still fresh in people’s minds, two-thirds of professionals admit they would delete their account if a social media provider misused their personal data. This is according to a snapshot poll of 220 cybersecurity and IT professionals conducted by Centrify, at Infosecurity Europe in London this week.
Quizzed about attitudes to data breaches that involve identities (passwords, usernames, etc.) 59 percent of respondents say they have already deleted a social media account, while another 7 percent plan to if their data is misused. However, a significant third of respondents (32 percent) say they have no plans to delete Facebook or any other social media account.
Following major breaches at high profile organisations, including Uber, Equifax and TalkTalk in recent years, the poll also reveals that more than half (55 percent) of poll respondents would stop using a company following a data breach. However, 45 percent admit they would carry on using a company despite the risks.
Asked about their biggest concerns when it comes to privacy of personal data, just one in ten point to social media providers tracking or harvesting their personal information, while a third (34 percent) worry most about data breaches at companies that have access to their data, and a quarter admit credit card fraud is their biggest fear.
“It’s really interesting to see how high profile stories involving big brands and social media providers are affecting our attitude to these companies and how they use – and indeed misuse – our personal information,” comments Andy Heather, VP and Managing Director EMEA.
“Trust is critical, both from the perspective of a customer trusting the company they use, and trust when it comes to the information we share with them and how they use it. If this trust is pushed too far – and we’ve seen it happen recently with serious consequences – customers will walk. While there are new regulations in play, like GDPR, designed to protect the individual and their privacy, ticking the compliance box is not enough for businesses,” Heather concluded.
To protect against breaches that exploit weak or stolen credentials, Centrify believes companies need to adopt a Zero Trust Security model, which assumes that untrusted actors already exist both inside and outside the network.