Reputation is an intangible but a priceless business asset, especially for bigger businesses. The Reputation Institute, a global private consulting firm based in New York, found that 55% of the consumers would buy from a company with good reputation and 59% are willing to say positive things about the company. Reputation hinges on data protection, among other factors. Given below are some compelling cases for digital protection.
Reputation is a Business Asset
In the months of November and December 2014, the website and several emails of Sony Pictures were hacked. The repercussions were far-reaching: while financially, the stocks of Sony, the parent company fell by 10%, its reputation suffered a dent. The leaked emails revealed some senior executives bad-mouthing leading actors and film producers and Sony Pictures endured embarrassments. Amy Pascal, the co-chairman of Sony Pictures, exited. Many more cases like that of Sony Pictures can be chronicled but the message is common and categorical: to protect brand value or reputation, businesses cannot afford to be complacent or callous about digital security. At a survey conducted at the World Economic Forum survey, business leaders identified brand reputation as the second-most valuable business asset, after products and services. Brand value protection is a strong motivation for enhanced digital security.
Ranking on Google Search
Superior rankings on Google search is much coveted among business enterprises. Now, Google wishes to reward secure websites with superior rankings, subject to other parameters remaining good. Conversely, unsecured websites, for all their content value, may slip down the rankings. This policy is not yet official or globally applied but it is pretty much on Google’s plans. According to the Google blog post, “For now it’s only a very lightweight signal — affecting fewer than 1% of global queries and carrying less weight than other signals such as high-quality content — while we give webmasters time to switch to HTTPS. But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.” All the online websites, specifically dealing with monetary transactions should use HTTPS strictly. For example, online shopping websites like snapdeal.com, banking websites like usbank.com, and online casino games websites like mansioncasino.com uses HTTPS. So, if Google decides to implement this policy, then businesses or websites will have two clear choices: be secure or lose ranking. That may send enterprises scurrying for website protection.
Confidential Data Leak
Behind the infamous Panama Leaks incident were weak data security policies. The Panama Leaks incident, just like that of Sony Pictures, resulted in brand value erosion, if only on a much bigger scale – more than 11.5 million encrypted confidential documents were leaked. The Panama Leaks incident, for the uninitiated, was about the leaking of extremely confidential documents that contained both controversial and sensitive data. Mossack Fonseca, a law firm, had been the custodian of the documents. Investigations revealed Mossack Fonseca did not encrypt its emails; ran an outdated version of Outlook Web Access dating back to 2009 and insecure versions of WordPress and Drupal. It beggars belief that a reputed law firm like Mossack Fonseca had been so irresponsible and negligent in protecting so confidential documents.
Passwords are passé
It has been established repeatedly that mere passwords have failed to secure your confidential data. The poor user experience passwords offer leads to its inferior protection capabilities though it is not that a superior user experience would have bolstered its protection capabilities. Users hate creating complex passwords but if they are forced to create a complex password, mainly because of password policies, they might write it down somewhere or have common passwords across different accounts. With a user having 7 social media accounts on an average globally, it is difficult to manage so many passwords. Even single sign-on systems do not alleviate the problem significantly. According to Joel Califa, senior product designer with GitHub, “Passwords are susceptible to brute force attacks, phishing scams, guessing, and the classic (and most dangerous) looking-over-someone’s-shoulder. Even if you force your users to use the most complex passwords imaginable, they might just write them down and stick them to their monitors. The harder you make passwords to remember, the more likely something like this will happen.” Failure of passwords offer a strong reason to have a holistic and better digital security mechanism.
New security measures
Over time, older and outdated security mechanisms will be replaced by novel and holistic digital security mechanisms. Prominent among such measures are One Time Passwords (OTP) and identity-based security such as biometrics. These measures are already being used but are still far from being ubiquitous. In 2016, The Economist, the reputed publication made a statement on this, “Well-run organisations will stop using passwords and logins in 2016. Instead they will use identifiers that are harder to copy, fake, steal or guess, such as biometrics (fingerprints, retinas, posture, gait and even typing habits). Security questions will stop being asinine (“mother’s maiden name?”). Instead they will ask you to give numbers from codes continuously generated by an app on your phone. Identification that depends on a triple lock—something you have, something you know and something you are—is harder for an attacker to replicate.”
As already stated, holistic digital protection is far from being ubiquitous and it will take long to become a standard practice. Surveys show that businesses still balk at increasing their investments when it comes to enhanced digital protection. This probably means that acknowledgement apart, businesses are still not convinced enough. Still, for bigger enterprises, not implementing digital security can be inexcusable because they have deep pockets and resources. But eventually, holistic and advanced digital protection should take over because businesses will learn, either from others’ experiences or self, if harsh experiences.