TMCnet News
User Security and Privacy Report Finds Vulnerabilities in Web Trackers and the Rise in Cross-border Data Transfers and Access to User Login CredentialsUser-side security monitoring system Feroot today released its 2019 User Security and Privacy Report examining the hidden behaviors of external third- and fourth-party tools on the user-side for websites and web apps. Of the 13 different industries and government agency websites worldwide reviewed, the report found that:
What this means: The challenges faced by most security professionals isthe constant growth of the tech stack: third- and fourth-party vendors, web trackers, and homegrown technology tools are always in flux as new tools and trackers are added daily for marketing and sales purposes. This poses ongoing data security and privacy threats because side-loaded code can be modified by third-parties at any time opening the possibility for a Man-in-the-middle (MITM) attack vector. "The rise in regulatory scrutiny and increase of data breaches worldwide demonstrates the need for companies to be more vigilant about the type of data they collect and of the integrity of all parties that have access to user data, ultimately ensuring data is protected from potential theft," said Ivan Tsarynny, Feroot CEO. "We are alarmed at how often data transfers and data collection by third-party tools go undetected. Attack surface area now includes all marketing and customer service third-party services. Security and privacy teams need to track where and by whom data is being stored, processed, and transferred, to prevent recurring and devastating breaches." Feroot scanned more than 1.1 million unique web pages across 365 organizational websites in 13 different industries focusing on the US, Canada, UK, France, Spain, and Germany, including government agencies, to take a closer look at:
Simulated visits were conducted between April 19 and May 31, 2019, using the Feroot user- (client) side security monitoring system, and were repeated multiple times, limited to approximately 90 pages per website per day. For the full report visit here. About Feroot Feroot is a data collection monitoring platform that helps security and privacy engineers monitor issues introduced by the third- and fourth-party tools and scripts such as web trackers, tag (News - Alert) managers, chatbots, and analytic tools that are loaded on visitor browsers. The Feroot system gives organizations unprecedented visibility to detect unauthorized and ungoverned data collection and helps prevent security and regulatory vulnerabilities. For more information, visit www.feroot.com View source version on businesswire.com: https://www.businesswire.com/news/home/20190627005216/en/ |