Company ranks first in OTA audit third time in a row

Jun 25, 2015 15:38 GMT

Twitter received the highest score in a security audit performed in mid-June by the Online Trust Alliance (OTA) organization on about 1,000 websites, focusing on consumer protection, privacy and security.

The study focused on sites across different sectors including online retailers, federal government, social networking, news and media, and OTA members.

The award is no small feat since the report revealed that almost half of the analyzed leading websites failed the data security test, while the rest of them passed, albeit not all of them with flying colors.

Twitter implemented top security controls

This is the third consecutive year Twitter ranks first on the list for the security standards it adopted for user protection.

Prominent among the security controls implemented by Twitter is communication with its servers, which is always encrypted to protect against data leakage through traffic sniffing.

Extended Validation Certificates (EV Certs) are also part of the infrastructure security, as they provide a visual clue (green padlock in the address bar) to the user that they are on the legitimate website. This and the always-on HTTPS support earned bonus points toward the overall score that counts for OTA Honor Roll status.

Protection against phishing is achieved via support for Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting and Conformance (DMARC), mechanisms that prevent malicious parties from sending fraudulent communication to Twitter users.

Companies try to implement better security

Michael Coates, Trust and Information Security Officer at Twitter, said on Wednesday that the company’s “consistent top ranking is a testament to the importance Twitter places on user security and privacy.”

The purpose of the OTA report is to promote the best security practices that should be adopted by organizations and provide the examples that should be followed in order to protect consumers in all verticals.

Since the first security audit, performed seven years ago, OTA has observed a constant trend of entities in all sectors trying to improve their security score and better understand the test methodology.