The latest batch of data breaches at Target and Neiman-Marcus have raised a crescendo of concern in the media and among individuals that is certainly justified but sometimes a little off base. In particular, there’s confusion over the distinction between online privacy and online security. Some of the commentators have simply been echoing Sun CEO, Scott McNealy’s comments dating back to 1999, suggesting that we all just “get over it” and learn to live without online privacy.
We all want and need to know that our financial transactions are secure. When there is a breach of the type that occurred with Target and Neiman-Marcus, personally identifiable information (PII in security parlance) makes its way into the hands of third parties. The primary consequence of this is not that anyone in particular might find out where we live (as if they didn’t already know), it is the potential that his information could be helpful in defrauding us and defrauding merchants and credit card companies.
Keeping our credit card information “private” is not the same as avoiding government surveillance or other more generalized degradations of what some view as a primary right to privacy. However, financial and transactional security and cyber-privacy are both worthy of thought and concern. The Internet of Things (IoT) only compounds all these issues. What happens to privacy when devices like Fitbit track and make available details of our life as intimate as our heart rate? Who is watching and who might watch – legally or otherwise –is and ought to be a concern. And, what are the potential issues involved with hacking these new devices? The Los Angeles Times recently reported that security firm Proofpoint has uncovered a cyberattack that included smart TVs, wireless speaker systems, Internet-connected set top boxes and “at least one refrigerator.”
The rapid evolution of these technologies demands that the IT industry formulate proper, adequate, and appropriate solutions.
Consider that the first cars didn’t have locks on the ignition or that airports, within living memory, had no security at all. Anyone could walk out on the tarmac and sneak on to a jet bound for the other side of the world. Circumstances changed and the technologies and practices that surrounded automobiles and aircraft had to change.
In our race to deliver more and better functionality at ever more competitive prices, security has been playing catch up – and privacy has hardly even been thought about. Guess what? Circumstances have changed and the technologies and practices that surround IT, the web, mobility, and the Internet of Things need to catch up.
Karen Tegan Padir is the president of the Application Development and Deployment Business Unit at Progress, reporting to President and Chief Executive Officer Phil Pead. Padir, a 20-year software industry veteran, is responsible for the strategy and growth of Progress application development assets including Telerik, Modulus, Rollbase and the Pacific Platform.
Copyright © 2018 Progress Software Corporation and/or its subsidiaries or affiliates.
All Rights Reserved.
Progress, Telerik, and certain product names used herein are trademarks or registered trademarks of Progress Software Corporation and/or one of its subsidiaries or affiliates in the U.S. and/or other countries. See Trademarks for appropriate markings.