Security is an expensive and precious commodity in the current age. Over the last decade in particular there has been an almost inconceivable increase in the amount of data available online. Equivalently, there has been a huge increase in the danger posed to the individual with an online presence.

Governmental bodies and software companies have taken advantage of the very real cyber threat by asserting standards of certification and authentication, normalizing online behaviour, and offering security packages designed to increase (the perception of) online security. Unfortunately, and as is becoming increasingly evident, security in cyberspace may be a pipe dream, at least in the sense of assured or total security.

I’m sure everyone has read at least the headlines of a half-dozen or more articles this year alone screaming about the massive loss of client or customer data by this firm or that. You’ve probably read or heard about the JPMorgan Chase hacks, the credit card info stolen from Target; maybe you yourself have been the victim of cyber exploitation. The point is, cyberspace is looking more and more like the American Wild West. Or possibly a game of Snakes and Ladders cut with the worst-ever game of Monopoly (pay each player $….). So, what would you do to remain (or become) safer online? 

The concept of the gated community has been around for a while. The houses inside look really nice, the cars in the driveways represent a year’s income, and the tennis courts are for community residents only. You need ID or an invitation to get through the security-monitored gate, which may even have a real, live security guard in a little office to one side. The idea is to replicate this online. Want to shop with this company, bank with that firm? Pass this rigorous identity and background check, pay the appropriate fee for the level of security and community access you want, and away you go. Simple, right?

The problem with this idea is the actual enforcement of security in such a community. How are they actually safer? The houses inside that community are just as vulnerable to infestations of ants as those outside, and the residents are no safer from bee stings than non-residents. It’s already been proven that website authentication certifiers can be hacked and their keys used to issue certificates. Zero days and vulnerabilities generally aren’t known about until they’re exploited, which sucks and is too late for those affected anyway. Belonging to a gated community doesn’t change that.

So, besides the caché of belonging to a “gated cyber community,’ and the inflated perception of cyber security, what are you paying for? And since when has a nice gate deterred the truly determined criminals anyway?

 


Related Posts