Surge of New Digital Accounts During the Pandemic Leads to Lingering Security Side Effects
How many online accounts did you open during the pandemic? A new survey examines the impact of this digital surge on risk to consumers and businesses alike.
The unexpected nature of a global pandemic that washed
over the entire world left everyone scrambling to maintain their daily
activities and work as best they could. With stay-at-home orders that lasted
for months on end, most people resorted to consuming services and ordering
goods online, encompassing everything from groceries to telemedicine and working
remotely. In the process of having to shift to being remote or indoors more
than not, companies opened up their doors to digital experiences and most
people opened numerous new accounts with vendors they never used before. But
this account boom can come at a cost to security in the long run.
A new global survey from IBM found that consumers’
reliance on digital channels has indeed increased significantly during the
pandemic. With individuals creating an average of 15 new online accounts during
the pandemic, billions of new accounts were likely created around the world.
How will this digital shift impact the security and privacy landscape moving
forward? If you’re thinking a growing attack surface and readily available
leaked accounts, you’re on the right track.
A Digital Account Boom Has Led to Password Fatigue
Society’s reliance on email/password combinations and
the overall growth in new online accounts is causing people to resort to lax
password behaviors. Roughly, 82% of consumers admitted to reusing credentials
at least some of the time.
Side Effect: The majority of the new accounts created
likely relied on reused email/password combinations that may already have been
exposed in data breaches over the past several years. This means that whatever
new accounts a person has are going to be easily compromised by past breaches
that happened before that account was ever set up.
Remedy: Shifting to more modern forms of
authentication should become a priority for companies. That includes offering
two-step or multifactor authentication for accounts. For consumers, it is
highly recommended to always enable two-step authentication where possible, and
the preferred method is using an authenticator app versus codes sent by SMS.
Convenience Outweighs Security and Privacy Concerns
The security versus convenience conundrum is a dated
one. In a past survey that looked at the authentication methods people
preferred, IBM found that preferences for security were rated highest on users’
financial accounts and gradually gave way to convenience across online
marketplace apps and social media. It was not surprising to learn that in our
current survey, millennials continue to gravitate toward convenience when it
comes to digital ordering — in fact, more than half say they would rather place
an order using a potentially insecure app or website versus call or go to a
physical location in person (51%).
Side Effect: With users more likely to overlook
security concerns for the convenience of digital ordering, the burden of security
falls more heavily on the companies providing these services.
Remedy: Users expect security to be inherent to the
services they consume and provided in a transparent way. In a past survey, IBM
found that about 25% of millennials will also move on from a breached provider
to a competitor. It is important to deploy services that allow users to boost
their own security, like enabling two-factor authentication or biometric
logins, and to integrate identity and access solutions that can protect
customer accounts in a seamless way.
Diving Deeper Into Digital Health Care Channels
Approximately, 63% of consumers engaged with
COVID-19-related services via digital channels — from web, to mobile apps,
email and even text messages — and are not always aware of the privacy and
personal health data implications.
Side Effect: Health care providers can use this
momentum to up their digital engagement with patients moving forward, offering
greater efficiency and more accessible information to patients. But to maintain
digital trust, providers must ensure the right security measures are in place
to keep patient data private and protected.
Remedy: Due to the nationwide public health emergency
instated during the COVID-19 pandemic, official guidance was relaxed around how
health care providers communicate with patients via telehealth, but restricted
platform choice to non-public facing ones, in order to remain mindful of HIPAA
implications. It is important for all care providers to review the requirements
and set up the properly controlled telehealth infrastructure that can enable
them to remain compliant and safeguard patients’ personal health information.
Paving the Way for Digital ID?
The concept of vaccine passports introduced consumers
to a real-world use case for digital credentials, which offer a
technology-based approach to verify specific aspects of our identity. And, 65%
of our survey respondents say they are now familiar with the concept of digital
credentials, and 76% are likely to adopt the method.
Side Effect: The exposure to digitized ID methods may
help spur wider adoption of modernized systems of digital ID, offering
individuals a way to share only the specific information needed versus excess
information found on traditional IDs (passports, drivers’ licenses, etc.) That
said, it will be critical to harden digital identity applications against
existing compromises of the actual device and protect data inside the apps and
as it travels between recipients of the credentials.
Remedy: Securing applications on mobile devices is a
critical step in releasing apps to the consumer and business marketplace. One
way to ensure apps are more secure is to test them by hackers who provide an
attacker’s point of view and can find the ways by which malicious outsiders may
try to compromise the app. Another important step is ensuring that the apps themselves
are not counterfeited to present fake information. To that effect, blockchain
solutions can help verify credentials in a centralized manner and prevent
forgery.
Digital Side Effects Will Linger Post-Pandemic:
Will this account boom subside once we go to a more
normalized lifestyle after the pandemic? Apparently not quite. Of our survey
respondents, 44% do not plan to delete or deactivate the new digital accounts
they created during the pandemic.
Side Effect: From banking, to groceries, retail and
restaurants, respondents said they will rely more heavily on digital versus
physical channels after the pandemic compared to how they used apps prior.
While this shift can provide efficiencies for both businesses and consumers,
companies must ensure their security is designed to support this growth.
Remedy: Businesses that saw a huge surge in new online
users during the pandemic also became more attractive targets to cyber
criminals and must reevaluate their technologies and strategy accordingly. That
includes an evaluation of the digital infrastructure that supports growth and
how it is being secured in terms of staff and technological controls,
especially in the cloud. With the threat of data theft and extortion, the
rising numbers of customers translate into increasing amounts of data each
provider manages, calling for a fresh approach to data encryption and
safeguarding.
How Can Organizations Adapt to Shifting Consumer
Security Landscape? Read more/ get the full report here.
This information is so useful and informative which you have shared here. It is beneficial for beginners to develop their knowledge. It is very gainful information. Thanks for sharing Data Theft Protection Software.
ReplyDelete