"Can we have expiring data based on time and need? Can an employee revoke access given to his company for his/her personal data once he leaves the company? Can the keys to the data be handed to the employee and not the employer?" These questions, posed by Deepak Jeevankumar in TechCrunch draw attention to an important and often under-explored area of the discussion around security: Trust. Trusted entities (sites, providers, merchants...) have ability not just to draw customers and users (many of whom may be fleeing compromised competitors, but to educate and promote the secure practices that will make our online lives safer.
Threat sharing networks, which provide an ongoing view into threats and security of sites we may rely on every day, is one technology that can help us get there. In addition, companies and organizations can take steps to establish and demonstrate trust while still maintaining the policies that protect them - making it a "2 way street", which in turn will build trust.
Mr. Jeevankumar argues that shifting our way of thinking to focus more on trust, to innovate around it, and to focus on how it can change the dynamic and frustrating cycle we find ourselves in, will help us to have safer lives online.
The value of a second factor when it comes to authentication has been widely discussed, here and across the media. A second factor when authenticating gives the user a second level of protection, which might be enough to stop many of the basic hacks sites and organizations have fallen victim to, where all that was needed to access a system was a valid set of user credentials.