Happy Data Privacy Day Everyone!
Data Privacy Day is a yearly event designed to raise awareness and promote privacy and data protection best practices. It is an area that needs more work in terms of tech companies and software development according to The Secret Developer.
“I’ve seen poor practice at the corporate level and the level of software development. It is something which needs to be fixed.”
The Privacy Illusion
Privacy these days is an illusion. For each free service you use, you’re the product. This goes double for software developers.
“Where your data is the currency be very very careful. As a software developer, you might leak out company data to a competitor.
At a FinTech (think: confidential data) I noticed people sharing code with ChatGPT. Since ChatGPT can use data to improve the model performance they were giving away our proprietary code for free. I hope no customer details are out there as well.”
The Lost Notification
Leaking information to an AI is one thing. Leaking it to all your customers is another.
“We sent out notifications to all of our users when one of our developers used a prod server instead of a dev one.
If I remember they wrote ‘test test test’ so not a crucial leak of information, there. Now imagine if the mistake involved some confidential information.”
The Open Door Policy
You can watch your data walk out of the door as a corporation if you don’t enforce your policies.
“I worked for a large Asian Fintech. They didn’t give me a swipe card to enter the building, so I needed to wait for people to let me through the door. Worse, I used my laptop to work copy-pasting their data to my personal system (a real breach of their policy).
I guess now I know how to social engineer my way into secure areas. I just hope nefarious actors don’t have the same skillset.”
Conclusion
It appears that The Secret Developer has a dodgy past. Should we think of them in a different light? Perhaps they are working with you — watch out!
“Happy Data Privacy Day everybody!”