We live in an interconnected and data driven world. For the majority of businesses and individuals, going off the grid is simply not an option, and this connectivity inherently has advantages and disadvantages. Arguably the most important is the double-edged sword of convenience and privacy. Information can be shared or distributed in a single keystroke. Once the genie is let out of the bottle, it cannot be forced back in.
For businesses and individuals alike, some information must be carefully safeguarded lest it cause irrevocable damage. If your social security number (or the personal data of your customers) is leaked, your identity is at risk of theft. The truth is that the social security number was never originally intended to be used for the purpose of national identification. Yet out of convenience it became the de-facto national ID. This dilemma of privacy and convenience extends further. Laws, policy, and processes are harmed or helped by too little or too many barriers.
Secure processes are typically inconvenient, therefore a sliding scale must be applied. How much inconvenience are you willing to accept? There are certain inconveniences that we by nature must embrace and they become second nature. Our bodies require adequate nourishment and rest – an inconvenience that we readily accept.
On the technological side of things, we are faced with inconveniences like passwords and personal identification numbers. These have become an acceptable part of our societal norms because we recognize the protection they provide. Unfortunately, passwords are often subject to hacking using remotely controlled applications. Long gone are the days when a would-be thief must sneak into your bank and physically remove the cash you’d deposited. Our interconnected system of millions of computers allows an individual with nefarious purposes to hack and virtually drain your account from the other side of the globe.
In another vein, your bank card could be ‘cloned’ and allow a thief to print a copy of your card or use it for online ordering. An inconvenient security countermeasure are EMV chips. This chip is designed only to stop a specific type of fraud – card cloning. The magnetic stripe can only be used in combination with the chip unique to that specific physical card, adding an extra security layer to physical brick-and-mortar transactions. Unless of course your physical card is stolen, in which case all that’s required is to insert the card and sign.
Yet even this EMV security measure does not protect you in the online realm of shopping where your card isn’t required anyway. The inconvenient solution is paying for credit reports and credit monitoring services to notify you if an unexplained change occurs. Credit fraud is a source of frustration for individuals and businesses as they are both ultimately harmed through loss of money and potential chargebacks.
No security measure is completely infallible. The cyber-invasion of Sony demonstrated that organizations small and large are all subject to Murphy’s law: “If anything can go wrong, it will.” Businesses aren’t the only ones that are facing intense scrutiny over digital information security. Sen. Hillary Clinton is currently under investigation for using a convenient private server and personal Blackberry device to conduct her duties as the Secretary of State. Reports indicate that Sen. Clinton’s private server faced hacking attempts from China, South Korea, and Germany after her tenure as Secretary of State.
Passwords, firewalls, identification cards, biometrics, microchips, checkpoints, and guards all offer various levels of security and convenience. At the end of the day you must carefully weigh the two, because you cannot have the full measure of either without consequence. What level of inconvenience are you willing to accept to achieve security? Conversely, what level of security are you willing to sacrifice for convenience?