Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Monday, December 06, 2004

Security Sells

Some companies are so serious about security, they try to make it part of their corporate image.  Citigroup, Microsoft, OnStar and El-Al are so security-conscious that they’ve all, in one way or another, incorporated it into their brand image.

Translation: They advertise security or otherwise make it part of the message they present to customers and business partners.

Look closely, though, and you’ll find that these companies share a common goal: to create a sense of trust for their customers—-while being careful not to overpromise.

In February 2003, Derek Bond, a 72-year-old retiree from Bristol, England, spent three weeks sleeping on the concrete floor of a South African jail after his name and passport number showed up on an FBI wanted list as he arrived in the country for a vacation.  In vain, he protested that not only was he ignorant of any supposed crimes he’d committed in America, but he’d never even been to the country.  Release didn’t come until the publicity surrounding his fate prompted an informant to point the FBI to the “Derek Bond” whom they did want to talk to—-comfortably holed up in Las Vegas, after purloining the identity of the real Mr. Bond some 14 years before.

Bond’s misfortune illustrates—-to the extreme—-the menace of identity theft.  Armed with just a few pieces of information—-information readily available from trash or stolen documents—-identity thieves can take advantage of lax security at financial institutions to enrich themselves.

Not if Citigroup can help it, says Ronni Burns, director of business practices for Citi Cards, the group’s credit card arm.  In 1991, she says, Citi was among the first card issuers to offer its customers early warning of fraud, by programming computers to spot suspicious transactions.  And in 1992, Citi followed this by being the first major card issuer to include customers’ photographs on cards.  Most recently, Citi has bolstered its identity-theft prevention offerings with a personalized solution that involves trained counselors providing support to victims.  In the event that a customer’s identity is stolen, explains Burns, a single Citi representative is assigned to the case to help customers identify the fraudulent transactions, fill in the various police forms, notify credit bureaus and generally get their lives back on track.

Microsoft Aims for Trustworthiness Curiously, one of the biggest developments in Microsoft’s history—-and certainly one that is intended to have an enormous impact on its customers—-isn’t being marketed yet.  Or at least not in the direct manner that Citigroup is using.

While Microsoft does actively promote some security-related products (including through advertisements in CSO), “Trustworthy Computing,” as the company christens it, deliberately isn’t mentioned in the company’s advertising.  “There is no advertising around Trustworthy Computing at all,” insists Microsoft spokeswoman Nicole Miller.  The company does, of course, provide a website that explains the initiative, and a quick Google search will turn up plenty of Microsoft quotes discussing the initiative in the media.

But Trustworthy Computing itself is still a long way from victory.  In fact, says Chief Security Strategist Scott Charney, who describes the initiative as “very much a work in progress,” Microsoft has had to apply strong-arm tactics to software vendors who have built Microsoft technologies into their products: They are not to make claims that aren’t yet matched by the reality that Gates wants to see.

OnStar Sells Peace of Mind If you’re going to set up in business as a guardian angel, you’d better be a guardian angel that people trust.  When you’re lost, for example, two critical pieces of information are (1) where you are and (2) the directions for getting back on course.  Minutes can be lost while the emergency services try to locate you—-which in the event of a serious accident can literally make the difference between life and death.

“Key to the promise of the brand is that a real, live person will share your problem and help resolve it,” says Andrew Young, director of marketing at Detroit-based OnStar, who’s been with the business since its inception in 1996. “They’ll make connections, find information and help you.  The help depends on the nature of the problem. OnStar is careful to avoid overpromising, says Young, and tries hard to make sure that subscribers understand the limitations of the service. “We’ve tried to be very honest in how we market the service and build the brand,” he says.

For the past two years, OnStar has been running a radio advertisement campaign featuring the voices of real callers.

Posted on 12/06
FinancialMotor IndustryTrendsPermalink