One Hot Mess: Encryption, Dating and the Betterment of Privacy Protection
Would you feel comfortable sending personal information over email without encryption? Feel shy answering ‘Yes?’ You’re not alone. In fact, nearly 50 per cent of people choose to share sensitive personal information online. And our trust on the people and companies we send them to is often taken for granted.
You might be surprised to learn just how exposed your customers really are.
In a recent survey of IT professionals and IT decision-makers, conducted by Echoworx, a clear vein of importance attributed to encryption emerged, with 75 per cent of respondents answering ‘yes’ to whether their organization has an encryption strategy. But, as less than half these same respondents answered in the affirmative that their organizations are indeed using encryption extensively, the actual application of it is questionable.
In other words: That personal information your customers are providing to a whole motley crew of banks, healthcare professionals and government bodies? There’s a chance their recipients, who might even be your own staff, are storing it unfiltered, accessible, and unprotected on their servers.
To help understand the other side of the coin, we posed questions to consumers on their willingness to provide personal information both digitally and on first dates. The results were startling – with respondents more than willing to provide personal info, from their full name to their SIN card in both situations.
When blended together, we are left with two narratives telling a tale of two cities. And it’s messy, but not as cryptic as it seems. Rather there appears to be more a disconnect between our willingness to adopt encryption and our actual application of it in our working lives.
Over half the IT professionals surveyed, for example, responded favourably to adopting encryption – outlining the privacy technology as very important or crucial to their organizations. And nearly three quarters of this group indicated that are actively building encryption strategies. Seems progressive?
And then the reality hits: only half of them are in it for the betterment of information privacy. The other half, almost a clear-cut 50 per cent, admit they advocate for encryption to satisfy privacy regulations and avoid expensive breaches – not because they are actually concerned about protecting sensitive customer data.
The lack of enthusiasm for encryption application permeates through their entire organizations – with only 40 per cent of organizations using their existing encryption technology extensively. And the area they do emphasize encryption, in external communications, is seemingly not enough given that many organizations are now moving their email servers to the cloud – which makes even internal communications external in nature.
And yet customers continue to trust you without encryption
While three quarters of customers know what encryption means and why it exists, 45 per cent of them continue to send personal details via open email – and they put a lot of trust into the people they send them to. Take the safety of an email, for example. Despite the rise in spear phishing, and other email-related attacks mining for personal data, the average person evaluates the safety of an email in under thirty seconds.
Would you give up your personal data to someone in the street in under 30 seconds? Sounds crazy, but according to survey data, the average person might. Did you know, for example, that nearly a quarter of people are likely to share their real birth date, email address, full name and phone number on the first date? And these concerning figures are even more pronounced with men – 12 per cent of whom are just as likely to disclose their SIN card number on a first date as they are to brag about their salary.
And it doesn’t stop there.
When it comes to online forms, over three quarters of your customers admit to providing sensitive personal information. And, considering they take half a minute to inspect the safety of an online form, the amount of details they provide is startling.
Did you know, for example, that over 10 per cent of your customers are comfortable providing their bank PIN number through an online form? Or that a further 34 per cent of them have given their SIN card number? And that a small, but more trusting, 5 per cent willingly disclose their passport number when prompted by faceless forms?
But, at the end of the day, why does this matter to your business?
Data breaches are expensive messes to clean up and they happen more often than you think – with nearly a quarter of people admitting to having had their personal information stolen. In addition to massive fines pushing into the tens of millions of dollars, and drawn out class action lawsuits, a high-profile breach can cause irreparable damage to your brand trust.
Providing your customers and employees with a concise yet complex high-performing encryption solution can help alleviate some privacy woes in your organization – especially for mobile. Newer encryption platforms integrate easily with existing IT systems and offer multiple flexible methods of protecting information in transit.
In summary, encryption matters, and IT professionals get this – even if their reasons lie primarily in the bottom line of compliancy. But actually applying encryption throughout your organization is a different issue altogether and relies on making your privacy process more streamlined and less of a hassle for users. But the payoffs of preparing for privacy are huge – and your efforts will be noticed.
Check out some of the creative ways organizations are using our Echoworx OneWorld encryption platform to help ensure the safe transit of everything from bulk delivery of millions of e-statements to sensitive onboarding documents for new clients. The proactive applications of encryption are endless, and can be automated, for when your employees’ behaviour can’t be.
By Nicholas Sawarna, Sr. Content Marketing Specialist, Echoworx