How businesses fail to protect customer info

Doug Spindler

Most Internet users should know by now that personal digital security is in large part our own choice and responsibility.

But in truth, our electronic security is also in the hands of the companies we do business with — and they’re not all taking that fact seriously.

Everyone who gives personal information to an online entity or makes a credit-card purchase in person or provides that card information over the phone is counting on a significant level of trustworthiness. We assume that a business puts the protection of our private data above its goal of maximizing profits.

But with the seemingly weekly revelations of hackers stealing our names, email addresses, credit-card numbers, passwords, and so forth from corporate databases, it’s small wonder many Internet users are scratching their heads and asking, “What the heck is going on?”

This article is about online security. However, it’s not another primer on what steps you should take to secure your data. Instead, it looks at the attitudes and actions companies take to secure your private information. It’s also about what you can do to make companies more proactive at keeping your data secure.

Prodding business to do the right security thing

Smart companies listen to their customers. Although it often takes many customer complaints to change a company’s ways, sometimes all it takes is one. Here’s a case in point. Most of us know by now that we should be using long and complex passwords. But my OfficeMax account would accept only numbers and uppercase and lowercase letters.

I thought that was dumb. Why can’t I use special characters? So I wrote a letter to the CEO of OfficeMax, asking why the company wasn’t doing everything it could to safeguard customers’ private information. I pointed out the weakness in the company’s password rules and requested that OfficeMax allow more password complexity. Just to drive home the point, I also reminded the CEO of past OfficeMax data breaches.

This article is part of our premium content. Join Now.

Already a paid subscriber? Click here to login.

= Paid content

All Windows Secrets articles posted on 2014-11-06:

Doug Spindler

About Doug Spindler

Doug Spindler is a technology consultant, digital forensic investigator and college professor. He holds numerous certifications and industry awards, including MCT, MCSE, and Microsoft MVP, and he founded Pacific IT Professionals an independent association for IT Professionals with over 4,000 members.