OTA (Online Trust Alliance) has recently released its 2015 Online Trust Audit & Honor Roll. The Alliance firmly believes that data security protection and privacy need to be integrated into every service, business process, website, and mobile application. The audit serves as groundwork for new technical decisions and business building.
OTA Audit for Twitter
Twitter has received the highest score across all sectors for third year in a row. Twitter won the competition for best focus on consumer protection, privacy, and security, in battle with more than 1,000 websites.
The report is focused on sites in different sectors. The sectors are Internet Retailer Top 500, FDIC top 100 banks, Federal 50, Social 50, News 50, IoT (Internet of Things) 50 and OTA member companies.
Except receiving the highest score across all sectors, Twitter heads the 2015 Social top 50 too.
→In reference to the achievement, Michael Coates, Trust and Information Security Officer of Twitter was quoted in the 2015 OTA’s Online Trust Audit: “Twitter is honored to receive the top overall award for the highest score on the OTA Honor Roll. Our consistent top ranking is a testament to the important Twitter places on user security and privacy. We look forward to working with the OTA to continue raising awareness on security practices that can be used to protect users across the web.”
Twitter Applies Top Security Controls
Twitter’s communication to its servers stands out to be among the most important security checks. The communication to its servers is always encrypted as protection against data flow on an account is paramount.
Another part of their security infrastructure is Extended Validation Certificates (EV Certs). They assure a visual clue (the green padlock in the address bar) that identifies to the users that they are on a legitimate website. EV Certs and default HTTPS support earned Twitter bonus points for the entire score formed for OTA Honor Roll Highlights.
Sender Policy Framework (SPF), Reporting and Conformance (DMARC), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication are mechanisms that ensure protection against phishing. Thus, Twitter users are prevented from malicious parties that try to send a deceptive communication.