News

Security firm Sophos calls on Facebook to implement safety plan

Warwick Ashford

Security firm Sophos has called on social networking business Facebook to implement a three-point plan to address top security issues.

In an open letter, Sophos urges Facebook to create a safer environment for its more than 500 million users and show commitment to improve privacy and safety on the internet.

"Facebook is no stranger to making headlines for all the wrong reasons when it comes to security and privacy," says Graham Cluley, senior technology consultant at Sophos.

The three-point plan would turn Facebook into the good guys and also be a real safety step-up for its 500 million users, he says.

Facebook is popular and successful and is not going away. Therefore it is essential that it takes proper care of its users by making their security and privacy a top priority, says Cluley.

"Our question to Facebook is why wait until regulators force your hand on privacy? Act now for the greater good of all," he said.

According to Sophos, whenever Facebook adds a new feature to share additional information about users, it should not assume that every user wants this feature turned on.

Sophos notes that with more than one million app developers already registered on the Facebook platform, it is hardly surprising that Facebook's service is riddled with rogue applications and viral scams.

Facebook only commits to provide a secure connection "whenever possible", but Sophos believes the company should enforce a secure connection all the time, by default, to reduce the risk of users losing personal information to hackers.

Three-point plan for Facebook

1) Privacy by default - No more sharing of information without users' express agreement (OPT-IN).

2) Vetted app developers - Only vetted and approved third-party developers should be allowed to publish apps on the Facebook platform.

3) https for everything - Facebook recently introduced an 'https' option, which should be turned on by default.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy