Most of us probably have worked with people who left valuable personal items lying around their workspaces in full view of anyone who might have itchy fingers. And when one of those valuable items was inevitably "liberated," the owner invariably was shocked, angry and embarrassed and quickly began bemoaning society's moral collapse while pointing a finger at his or her employer's weak security and too-open access.
These potential victims are not deliberately tempting latent thieves or testing the honesty of others in the office. Rather, they are careless, hurried and also very trusting. No matter how many times you exhort a colleague not to leave her open wallet on her desk, she's not likely to change her behavior -- until it's too late.
Put that behavior and the related attitudes into the context of banking, and you have a perfect metaphor for the challenges financial institutions face around security. Customers and employees demand convenience, speed and simplicity in all kinds of transactions and interactions. At the same time, they are frustrated if they lose access to accounts, files or tools -- not to mention the outrage if their information (personal or corporate) is breached.
Meanwhile, the bank -- whether in the role of financial services provider or of employer -- is in the uncomfortable position of knowing that, even if the customer or employee is at least partly to blame for the problem, it could and should have done a lot more to prepare for the possible breach or loss. In addition to a more secure infrastructure, there could have been simpler security-related tools and processes, more training and better communications about the importance of data security, and stronger enforcement of security policies. As a result, it's harder than ever to simultaneously secure an increasingly mobile-based, real-time and open-access enterprise while also improving customer engagement -- and that is the focus of much of our coverage in the September digital issue of Bank Systems & Technology.
According to recent research from Guardian Analytics and The Ponemon Institute, 72 percent of small and mid-size businesses surveyed said they hold their financial institutions primarily accountable for ensuring their online bank accounts are secure. But only 43 percent of the study participants said their FIs take appropriate action to limit risk transactions. And 56 percent of the businesses surveyed said it would take only one successful fraud attack for them to lose confidence in their FI's ability to provide adequate security.
[Is Apple Preparing A Mobile Wallet?]
To look at the costs of security breakdowns in another way, the average loss in brand value for a company that experiences a data breach can be anywhere from $184 million to more than $330 million, according to PwC. And the collective industry damage can be even worse. Customers' and employees' conclusions may not be fair, informed or justified, but they are reality.