Wednesday, March 16, 2011

South by Southwest Interactive (SxSWi) – Privacy, yes. But security…?

by David Ochel

Attending SxSWi this year, I was pleasantly surprised by the number of panels dealing with privacy issues. It’s the social networking age, after all, and I’d certainly like to see that the companies with which I share my personal information (in return for being able to use their services) have a decent understanding about the ethical and legal aspects of using and protecting my data. How much data should they collect? Can they make it public? Do users need to agree to this collection? How far can they go without consumers and watchdog groups coming after them? And what to do if law enforcement asks for that data? These are the types of privacy-related questions that were discussed.

However, there was a disappointing lack of coverage of the information security aspects of keeping commercial and private data secure. I believe that it is in the interest of start-ups, and other players in the emerging media business, to become equally educated about information security: you can’t just release a Web 3.0 application out into the wild and assume that somebody else (the platform provider? the ISP?) will take care of protecting it from exploitation by the bad guys. For one, an exploited vulnerability could lead to the unintended disclosure of personal information. But in addition, there is a whole other dimension of risks that your business may face if you never spend an afternoon thinking about how to architect, design, and implement a system that – at the very least – will not offer any low-hanging fruit to the criminals in our networked world.

Maybe next year! ;-)

1 comment:

  1. Auston Holt, CISSPMarch 16, 2011 at 4:38 PM

    Security BSides Austin (held downtown March 10-11) did a good job of providing the security side of the equation. In addition, they even had a panel discussion with representatives from the Electronic Frontier Foundation and American Civil Liberties Union.


Comments are moderated with the goal of reducing spam. This means that there may be a delay before your comment shows up.