Did the Facebook / Cambridge Analytica reports have you wondering just how secure the online tools you use are? In this article, we’ll advise on how to assess your current tools and share our approach at MeisterLabs to protecting user data, no matter what.
Are the tools you’re using putting your data at risk?
Reports that Cambridge Analytica illegally acquired the records of 50 million Facebook users have made many rightly question who they can trust with their personal data. However, it’s not only on Facebook that we share personal data about ourselves, our work, and even our friends and family, on a daily basis.
Think about the contents of your emails, your to-do list and all the other forms of online communications that you use. It’s essential that all of these products, from social media to task management tools, are looking out for your privacy and security too. As we’ll explain, looking for products with servers outside of the U.S. is a good place to start, but there are other strategies to protect your security online too. We’ll share a few here.
Protecting your data on Facebook
In the case of Cambridge Analytica, the majority of user data was reportedly harvested prior to 2016. At this time, Facebook apps could ask for permission to access not only your personal data but also the data of all your Facebook friends. As a result, the 300,000 people who signed up to take a personality quiz supposedly handed over the data of 150 times that number of people.
If you’re concerned that you could’ve been affected by this, you can access the app settings page on Facebook to see which apps are connected to your account and deauthorize any you no longer need. Additionally, if you’d like to keep your Facebook account but want to minimize the amount of data shared on it, you can use the Social Book Post Manager plug-in to delete data shared before a chosen date – let’s be honest, no one’s reading your Facebook statuses from 5 years ago anyway…
Choosing a product based outside of the US
Unfortunately, these data breaches are by no means limited to Facebook. The 2013 Snowden revelations documented how the NSA’s work to weaken encryption, via so-called ‘backdoors’, put the data stored by US-based online communications products at risk.
For a quick recap, under the PRISM program, the National Security Agency could legally access any data held by companies with servers in the U.S. What’s more, in order to access this data, they persuaded many US technology companies to introduce weaknesses in their encryption systems, creating ‘backdoors’ through which the NSA could access their data.
However, this weakening of encryption doesn’t just help the US Government gain access. It also provides an opening to hackers who are able to navigate the weakened security system – a risk that even a ‘Golden Key’ can’t prevent.
Unsurprisingly, these revelations sent shockwaves through the online community, including our own team. As a result, at MeisterLabs we decided to take a concerted stance in support of online privacy, restating our efforts to ensure user data is never compromised.
Our commitment to security at MeisterLabs
“We take the same degree of care to protect your information as we would employ to protect similar information belonging to us.”
As declared in the GDPR guidelines, this means protecting privacy and data by design and default.
Storing data exclusively on European servers
Our commitment to privacy and security starts with housing our servers exclusively in a state-of-the-art certified data center in Frankfurt, Germany. This ensures that our user data will not be exposed to encryption backdoors, in the way that US-based products could be. You can find out more details about these GCP servers via our security statements for both products: MindMeister and MeisterTask.
As we shared back in 2013 in response to the Snowden revelations, all MindMeister and MeisterTask data is stored in Europe and delivered to your browser through secure SSL encryption, so you can rest assured that your personal data is safe with us. Plus, with most other leading task and project management solutions housing their servers in the U.S., we’re proud to be unique in this way!
Encouraging our users to be privacy-aware
We’ve also implemented a number of measures to ensure users are vigilant about their own online data, including:
- Encouraging users to enable two-factor authentication, which is a surefire way to minimize the risk of a data breach if you feel your password has been compromised
- The ability to turn link sharing on and off within MindMeister by generating a new link, in case your shared maps end up in unintended hands
- The ability to share and unshare projects within MeisterTask, for similar reasons to above
- Roles & Permissions within MeisterTask to restrict the rights of those you’ve shared your projects with, so they can be limited to only viewing or commenting on the project
- A built-in ‘have I been pwned?’ plug-in, coming soon, which will alert users if the password or email they’re using for their account has previously been compromised. You can go ahead and check the security of your own emails and passwords, totally free of charge, via the ‘have I been pwned?’ website
- We’re also in the process of making our company entirely GDPR compliant, making updates that will be in place ahead of the deadline this May. This will prove that privacy and data protection are implemented by design and default across both of our products. In the GDPR regulation, data protection is at the heart of how personal data is collected, processed, stored and accessed. For more information on what GDPR has in store, you can read the regulation in full online.
With our servers based entirely in Germany and processes to ensure that users themselves are aware of any potential privacy and security risks, we’d like to make clear that for MeisterLabs, user privacy and security are paramount.
If you have any questions on how we manage user data across MindMeister and MeisterTask, please do get in touch.