Leading technology companies such as Google and Yahoo are accelerating their plans to upgrade security to help reassure users of increased web privacy. These changes are a direct response over indiscriminate and broad U.S. Government Internet surveillance programs.
Google this week announced (http://news.cnet.com/8301-1009_3-57612905-83/google-finishes-2048-bit-security-upgrade-for-web-privacy/) that they have replaced their customer facing web encryption certificates to use stronger 2048-bit encryption keys. While I agree with this step it still falls short of a model for upgrading security for web privacy that needs to occur within organizations.
Minimum Efforts Are Not Enough
Think for a moment what would happen if Olympic athletes practiced to match the and not exceed the scores of other athletes from around the world. Would you travel in a new commercial airplane that had undergone limited quality and air worthiness testing? Neither you nor I would risk our lives by flying in an aircraft tested to least quality standards. Organizations tell consumers they are performing improvements to upgrade security to enhance web privacy. What organizations fail to show is that often they are doing only the least number of steps to upgrade web security.
Leadership Requires Doing The Most
Google’s efforts for upgrading web encryption certificates is a positive step, however it falls short of using technology to go further. Google should not settle for 2048-bit encryption keys and instead use much stronger 4096-bit encryption keys—that would show real industry leadership by doing the most possible instead of the least possible. Upgrading security for web privacy through stronger web encryption certificates is only a small step that helps organizations address the multiple challenges for web privacy.
A New Paradigm for Security
Organizations must shift their way of thinking and begin to focus their strategy for ensuring web privacy is a priority. Demonstrate to your customers and business partners that you are doing everything you can to earn their trust. Don’t settle for being average. Align your security and privacy strategy to drive innovation for security and your web privacy efforts will earn the trust and confidence of your customers and business partners. Make excellence for security strategy a part of your organization’s DNA.