Ken Wisnefski Discusses the Problem with NSTIC Plan
John Borkowski, September 23, 2011
President Obama introduced the National Strategy for Trusted Identities in Cyberspace Plan in April, 2011. The new plan calls for a proposed single authentication system that acts as a sole online identity for consumers. The plan, however, may inversely increase the extent of fraud committed against Americans. Essentially creating a master key to ones online identity can have extensive ramifications if the single key is lost.
Over the past 2 years, an estimated total of 11.7 million Americans were victims of some sort of identity theft. Over a 5 year period, this number is increasing at an average rate of 1.1 million Americans, representing 10.1 million victims per year. (Statistics according to the Federal Trade Commission).
As staggering as these numbers are, there are aggressive steps that can be taken to combat identity theft. The plan outlined by The President, however, may not effectively and efficiently solve the problem. The plan calls for a single identity to be used in online transactions. Creating a “master key” presents the opportunity for a skilled hacker to bring down the whole ship by stealing one single authentication. Emphasis should thus be placed more on securing the perimeters around our cyber security systems to keep hackers out, and educating consumers in how to be proactive about protecting their online identity.
Enhanced security methods can include controlling communications between servers (protecting the exchange of information through secure gateways), limiting the amount of users on a network to those with proper credentials, encrypting secure data, and continuously backing it up to a protected environment with restricted access. Consider this statistic; 65% of data breaches are conducted by disgruntled employees within the workplace. When these basic fundamentals are in place, consumers are less likely to have their online identity stolen. An additional contributing factor to online identity theft is negligence by the consumer. People may make insecure transactions online on phishy websites. Not using a secure socket “https”, improperly discarding personal documents, and leaving their credit card on file on web servers are just some examples. People are not being proactive enough to set up a wall around their identity each time it is used. Educating the consumer can help to correct carelessness. Vigilance in the workplace can help against both internal and external breaches.
Currently, web users have multiple username / passwords they use to make transactions online. The Plan calls for one single password that will be used for all dealings. Failure to diversify your online identity will lead to more problems. The hacker simply has to obtain the one password that controls all. Not only is that unsafe (putting all your eggs in 1 basket) it further motivates the hacker because the rewards for cracking it are endless.
Although the intention of the National Strategy for Trusted Identities in Cyberspace Plan is clearly well-considered, it could actually end up causing more harm than good. As if recent stock market declines haven’t taught us the value of diversifying. Attention should therefore be given to securing the online networks and servers already in place, in addition to educating consumers how to be proactive in self-protection.
About the Author: Kenneth C. Wisnefski is founder and CEO of WebiMax, the #1 rated SEO firm in the United States and Australia. Mr. Wisnefski regularly appears in media outlets as expert commentary in various topics relating to Entrepreneurship, Small Business, the Economy, and Online Marketing. Follow Ken on Twitter @KenWisnefski
--to request to submit a guest blog please contact John Borkowski at JBorkowski@webimax.com.