A major entertainment company recently made news when it announced a new tool available at its theme parks. Under the guise of making visits more “fun and easy,” theme park guests are now able to wear a type of bracelet or wrist band that essentially tracks a person’s every move.
Once a guest places the band on his or her wrist, he or she can be tracked by radio waves. Guests can be tracked walking into lines for attractions, standing in lines at restaurants, taking photos at kiosks throughout the theme parks, etc. The band can also serve as a virtual wallet once it has been connected to a credit card, and it can also serve as a room key at theme park resort hotels. Does this sound like a tool for big brother?
There is no denying that technical innovation moves society forward. But as I’ve written many times, it also attracts nefarious individuals who take advantage of the new technologies and twist them for their own purposes. Theme park guests shouldn’t immediately adopt new technologies because the media or travel industry experts issue a directive or sing amazing product praises. Instead, there should be beta testing with groups of users who test every conceivable situation where hackers could compromise the system.
This product announcement raises an important issue for many companies, especially midsize businesses. Do you launch products that access your customer data? Do you allocate resources for proper vetting? Do your new products provide access to sensitive information? If the answer to these questions is yes, what procedures are in place to provide protection?
In security, we always have to balance ease-of-use with security requirements. Unfortunately, most companies err toward the ease-of-use side of the spectrum. The reason is simple: companies are afraid to annoy and turn away customers because products are not easy to set up or activate. As a result, security takes a back seat, and vulnerabilities come to the forefront.
In the future, and not the too-distant future, hackers will be able to sit on a bench, and as people walk by, they will be able to harvest data. This data could include name, phone number, email address, contact info of friends and family, credit card data, etc.
Data is gold. You can buy it, sell it, and steal it. Some may even theorize that data is the currency of the 21st century. The moral of this story is, don’t launch new products without doing your due diligence. You should even hire white hat hackers to do your testing. Be proactive, not reactive.
Image Credit: Renjith Krishnan via FreeDigitalPhotos.net
This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet. I’ve been compensated to contribute to this program, but the opinions expressed in this post are my own and don’t necessarily represent IBM’s positions, strategies or opinions.