Whether consumers are checking a credit score while waiting for a flight or buying movie tickets while on the way to the theater, the last thing they are probably worried about is what kind of security tests their smartphone apps’ developers ran a year ago. If an established, well-publicized, highly rated app with millions of downloads and prominent data protection promises can’t be trusted to secure information, after all, who can? And if that data is intercepted, it must be through some new, highly advanced cyber-attack, right? You might be surprised—or then again, maybe not. The FTC recently settled with a pair of companies that likely should have known better. Westin Research Fellow Kesley Finch analyzes where they went wrong for the IAPP FTC Casebook and outlines the simple steps every organization can take to avoid such scrutiny.
If you want to comment on this post, you need to login.