Answer by Joe Sullivan, Chief Security Officer at Facebook, on Quora.
I’m Facebook’s Chief Security Officer and I oversee data security at the company. Thanks for the question. We take our role as stewards of people’s information very seriously and have invested heavily in protecting the data trusted to us.
There is no “skeleton key.” In fact, we have advanced internal tools that restrict access to information to only those employees who need it to do their jobs (e.g., investigating user reports).
There is a cross-functional group of employees who work on these safeguards and appropriate access to these tools.
Most employees do not have access and, those who do, must sign an agreement and complete a training program before using our internal tools. Finally, we track the actions performed through internal tools.
Each use is logged and requires the employee to explain the purpose of his or her use, and we audit all of this regularly.
Neither Mark nor any other senior executive at the company has tool access granted, because they do not have roles in the company where access would be necessary.
0 comments:
Post a Comment