Several years ago, I wrote an article on, “Internet Security vs. Internet Insecurity”, which addresses the end-user and their reluctance to accept the practice of security over convenience.
I guess it could be likened to driving an automatic transmission versus the option of a manual transmission. However, if you have ever been stuck in snow or mud, you will understand the advantages of a manual transmission. I can’t argue it is more convenient to drive an automatic, however, what if it was less safe to drive, and you or a family member were at a greater risk of an accident driving an automatic? Would it be worth the extra effort to drive a manual to keep you and your family safer?
I cannot imagine the extra efforts, the additional multiple steps, or making your life a little more complex could possibly outweigh the security benefits. Considering the bigger picture, I would venture a guess that the additional inconvenience would not cost you more than an additional thirty-to-sixty more minutes in the course of a year. How much more complex is your life because of a few extra clicks of a mouse or filling in a few additional fields. Complacency is what cybercriminals count on.
With your permission, allow me a little self-promoting on behalf of The CyberHood Watch. With more frequency, our guests are more vocal about commenting on the importance and contribution that The CyberHood Watch provides our digital citizens. Greg also expressed his appreciation for our method of education through communication and awareness, which is what he alluded to regarding financial institutions and their need to reach their customers. Authorities are expressing their appreciation for The CyberHood Watch efforts…Thank you.
Greg Reber, President of AsTech Consulting, points out those financial institutions need to educate their customers, and not passively with the typical opt-in to read another white paper. Financial institutions need to get more creative about educating their customers, which is in their best interest, regarding the risks of online financial transactions. It is about getting the idea into main street media not technical or industry publications.
An inherent problem with the current system of financial institutions is when a breech occurs; the bank will commonly reimburse the customer their losses. This action only exacerbates the problem because there is no incentive for the customer to improve their security or culpability if applicable. In addition, there is no feedback for the customer as to how, or why the breech happened, and more importantly how it can be circumvented from happening again.
It really is somewhat of a catch-22 for the financial institutions. If a bank were to impose, additional security measures, and their competitors do not; the most likely outcome will be customers leaving for less security and more convenience.
What we may see is a consortium of institutions, like the Payment Card Industry, coming together to require best practices of their customers. If you have a better idea, be sure to head over to the CHW Community and let us know you are thinking.
Greg poses a great question for all of us regarding Identity Theft, which is, “Is it getting better or worse”? Greg says to look at the matrix, money being moved is growing, and breeches are growing. This seems to be a good indicator it is not working and the need for more customer participation as responsible cybercitizens.
Greg’s story about a bank sending out an email to its business customers with a link requesting personal account information was a jaw-dropper for both, Dave & Bill. The CyberHood Watch partners, Dave & Bill, believe that a bank or financial institution would never ever request personal account information. That was one practice thought to be carved in stone! Not so!
A bank did send out an email, with a link requesting customers personal account information. What were they thinking? Sure enough, the cybercriminals jumped on this with duplicate “phishing” sites with links taking the customers to fake sites, which gathered their personal banking information. Needless to say, this one is in the courts. What is absurd is the bank holds the position the customer is at fault, because they should have known better.
This one will be decided in the courts, who was responsible? Here is a personal thought, if the court rules in favor of the financial institution that the customer should have known better, what do you think the chances are any financial institution will reimburse future credit card losses? You should have known better will be your reimbursement. My suggestion to all customers is to start making a few more mouse clicks and filling in a few more boxes to make sure you are secure in your digital world. We can do more for ourselves than relying on corporate to do it for us. What do you think? Come by the CHW Community and share your thoughts…They will benefit us all.
Anyone who is a Realtor or a real estate agent there is specific information for you…Fast forward to 37:00 timestamp.
david c ballard