It used to be that a data breach was a singular event that caused massive shock and concern. Today, data breaches happen regularly and, while still shocking in scope, are starting to dull the senses. Credit card numbers, security clearances, and even illicit dating profiles have been harvested, coallated, and provided for everyone to expose. It seems to be an insurmountable problem. But why?
Data is a tantalizing thing. Collecting it makes life easier for customers and providers as well. Having your ordering history allows Amazon to suggest products you might like to buy. Having your address on file allows the pizza place to pull it up without you needing to read your address again. Creating a user account on a site lets you set preferences. All of this leads to a custom experience and lets us feel special and unique.
But, data is just like that slice of cheesecake you think you want for dessert. It looks so delicious and tempting. But you know it’s bad for you. It has calories and sugar and very little nutritional value. In the same manner, all that data you collect is a time bomb waiting to be exposed. The more data you collect, the larger the blowback for your eventual exposure.
Yes, we’ve crossed the line from “I might get hacked one day” to “I will absolutely be hacked in the next 24 months”. The amount of data being stored has increased a hundred fold in the past few years. Every website wants you to sign up. Every department store and restaurant has a preferred customer program. Everyone has a mobile app. And every one of these respositories has data that you don’t want anyone else to have. Hackers used to have to sift through garbage to find sensitive information. Now it can be stolen with a few redirects and no smelly excursions.
Even if a website or app claims they aren’t collecting your data for “nefarious” purposes, you can be sure it will eventually be used against you. And those are the “good guys”. What about sites that won’t let you delete your account? Or worse: the sites that claim they will and then don’t do it?
Having your data laying around in a dormant database is like putting money under a mattress. It doesn’t do the holding company any good. Just like the siren song of the above mentioned cheesecake, if you leave the data laying around long enough a company will decide to do analysis on it. It’s a slippery slope that a company will fall down given enough time.
How do we fix the problems of widespread data sprawl? Given that every app and website login is now an attack surface, how can we minimize the amount of leakage even in the event of disaster? Given that the best solution of not collecting the data in the first place isn’t likely to happen, we need a new solution.
Interestingly enough, wireless companies have stumbled onto the solution in the past year. They are using social media sites as a login for wireless access. Sites like Facebook contain all of the information you would need for a user account on a site. Facebook even offers a login option for many sites, tying their database entry to yours.
What needs to happen is that a site like Facebook or OpenID needs to become the de facto repository for identity information. By containing it all in one place and forcing sites to create links to your identity store, the amount of sensitive data being stored is minimized. Apps can still collect custom information above and beyond that which is provided by the identity store, but it would be paired with a GUID value pointing to an external login with very little identifing information. Like having a phone number but no name or address.
I know exactly what you’re thinking right now: What happens if the identity store gets compromised? Won’t they have all of my data? And my associations with other sites? The answer is “yes”. A compromise of the identity store would cause a lot of headache. At the same time, the keeper of the identity store knows that. When is the last time you’ve heard about Facebook having a data breach? Just like banks are serious about security due to public perception of them being robbed, so too would an identity service suffer if it were to be compromised.
Ask yourself this question: would you rather trust your data security to a company like Facebook, who has everything to lose if they are compromised? Or some app developer in a hurry to create a login profile that forgets to use encrypted passwords or salted hashes?
The amount of times I’ve had replacement credit cards issued because of potential data hacks is becoming annoying. I’m almost certain my data was in the OPM hack even though it was something from over a decade ago. It’s becoming irritating to know that my information is just a brute force attack away from being exposed and I have no control over it.
Making Facebook or similar identity brokers the authoritative database for identity is an imperfect solution. But it’s also the best solution we have today to the escalating problem of data breaches. I’d rather trust that Facebook is doing as much as possible to safeguard my data than believe for an instant that Home Depot cares about their preferred customer database over the credit card repository. Facebook may not be the most upstanding organization when it comes to data analytics, but I trust them not to treat my identity like a steaming pile of toxic waste.