Identity Management and Social Media: Red Flags to Watch Out For

As our lives become more connected to the internet, we face more threats to our data being stolen. When we share so many aspects of our lives openly o

As our lives become more connected to the internet, we face more threats to our data being stolen. When we share so many aspects of our lives openly on social media, it makes both our personal data and our physical homes and bodies more susceptible to danger. Innovations in Identity and Access Management (IAM) are working to reduce this danger, taking the future of social media use far past usernames and passwords.

One contributing factor to social media-related IAM issues is the rise of one-click authorization. In the early days of the internet, users created a totally new profile for every website, needing to enter a username and password every time they signed up or logged in. Now, though, many sites allow users to log in using their credentials from a larger platform like Facebook or Google. This reduces the amount of work needed to manage users and increases sign-up rates, as many users aren’t willing to create numerous different online accounts or experience “identity fatigue” from having too many sets of login information.

While this practice makes things easier for both the website and the user, it also comes with risks. Merritt Maxim, Director of Security Solutions at CA Technologies, says that “this trend introduces significant security issues because critical IT assets need to be available — securely — to an increasingly distributed and diverse user base that is using consumer devices of their own choosing.” Because there is only one place to authenticate, there is also a single point of failure should a breach occur. A hacker just has to steal or figure out one username and password and has access to all of your online accounts, from social media to online shopping to entertainment.

Tech executive Thierry LeVasseur notes that using stolen data to create new, fake social media profiles is one of the biggest IAM threats users face. “Some [hackers] use reconnaissance; basically, gathering information from a brand or person, and then create fake profiles impersonating someone from that brand (or as someone a person might know.) That information can also be used to construct phishing emails since people are more likely to open emails and click on links from those whom they share commonalities.” He also warns that personal data can be used for “weaponization, which is creating a fake account and linking to other fake accounts in order to appear more legit.”

So how can social media platforms mitigate these risks? Using one set of credentials to sign in to multiple accounts isn’t going anywhere, so websites have to figure out ways to make their platforms more secure. For instance, allowing users to initially enter the site with third-party social media credentials but requiring a token to authenticate on more restricted parts of the site keep everybody’s data more secure.

Social media has become so interwoven with our professional and personal lives that we now use those login credentials to create other online accounts. Creating this single point of failure makes us more vulnerable to data theft. With new IAM innovations being created every day, social media may soon be safer than ever before.