printer friendly version

What is your risk profile?

The recent News of the World hacking scandal has taken pride of place on British television shows over the past weeks. The ease with which some people were able to hack into voice mail messages is astounding. You would think mobile carriers would by default implement some security system to protect private information, but where is the profit in that.

The fact that even with ample warning over the past year or so these companies have still not amended their contracts to comply with the law says it all – it seems to me customer is simply a euphemism for victim in these boardrooms.

Not that we are not used to that. However it does put the responsibility for security and privacy back in the hands of the customer. You cannot rely on these companies to lift a finger to protect your private information unless there is a profit to be made; if they can find a way to charge for it, that is a different story. Nonetheless, the question is, do you trust them?

Do you trust the company that profits from selling your computer's or mobile device's operating system to do everything it can to protect you, or do you rely on third-party applications to secure your system?

Taking it to another level, do you trust the police force to protect you or do you pay more money to a third party to provide additional security. And how do you know whether the third party will deliver on its promises? We have all seen or heard about security guards conveniently looking the other way, whether for profit or to protect themselves and their families. There seems to be no end to the horror stories. So what does one do?

In the end it comes down to identifying the risks you face and mitigating those you want to avoid while accepting those you can deal with.

Personally, if someone wants to listen to my voice mail messages or calls, they are welcome to. I would advise them to get a life. However, I have not been victim to a disaster that has taken a loved one away recently, if I had I would certainly have a different opinion. A company CEO would certainly not agree with me, his/her calls need to be protected at all times.

So it is about identifying and mitigating the risks you face according to your own risk profile – an ever-changing risk profile. Encrypting my phone calls is not something I would do, but there are others that will feel compelled to. I keep backups of my data files because I would be lost without them. They are not worth anything in real monetary terms, but they are worth endless hours of work and stress (and lost revenue) for me if they are lost. It is a risk that needs to be mitigated and it is worth paying for – in my profile.

As business ethics make way for profiteering, perhaps it is time we all examine our risk profiles, personal and business, to see what mitigation we need to implement to retain the safety, security and privacy standards we value.

Andrew Seldon

Share this article:

Further reading: