Daniel Lai, CEO of archTIS
GUEST OPINION: Frances Haugen is the Facebook employee-turned-whistleblower who has focused the world’s attention on the social harm algorithms can cause. Whether you agree with her cause or not, in the world of information security in which we reside, she’s also a case study of what should not be possible.
Facebook, like any other major corporation or public institution, will agree that information and data security is paramount. Yet, their vulnerability to insider threats remains a blind spot - there’s an almost implicit assumption that Facebook could have done nothing to prevent this from happening.
This just isn’t true. There are good and bad ways to deal with the problem of who has access to what information, when and what they can do with it.
Surprisingly, the worst way Facebook could protect itself from insider threats would be to model information sharing methods used by government security organisations and contractors. Here, it is common to see ‘air-gaps’ mandated between each level of information.
Air-gap networks are physically and logically isolated from other networks so communication between these networks is not physically or logically possible. In practice, this means ‘Top Secret’ data is only accessed on a completely different network to one that contains ‘public’ information, and so on for every security level between these two points.
What this leads to is ‘swivel chair’ security - quite literally someone sitting at one PC,...
Indian-origin urologist Jitesh Patel will have to pay $14 million to settle allegations against him that he defrauded healthcare programs by performing unnecessary procedures on his patients. An e...