The Online Trust Alliance (OTA) recently released its 2015 Online Trust Audit & Honor Roll. For the report, OTA analyzed approximately 1,000 websites in three categories: consumer protection, privacy and security. According to a release, the seventh annual audit now includes websites of the top 50 leading Internet of Things device makers, wearable technologies and connected home products.
It’s tough to make the honor roll; that’s what makes it special. But then, this is the type of honor roll you want companies to make, especially if it is a company you do business with (or if it is your website being evaluated). Unfortunately, nearly half of all of the websites failed. Even more alarming was that the new category of IoT had an even more dismal showing, with a 76 percent failure rate.
In an ITProPortal article, Craig Spiezle, executive director and president of OTA, stated:
The results of this audit serve as a wake-up call to Internet of Things companies who are handling highly sensitive, dynamic and personal data. In rushing their products to market without first addressing critical data management and privacy practices, they are putting consumers at risk and inviting regulatory oversight.
News media sites fared the worst, with 80 percent of them failing to make the grade in the three criteria. Retail sites have seen the greatest improvement, with a jump from 24 to 42 percent of industry sites making the honor roll. Perhaps the lessons of Target and other retail breaches have begun to sink in?
For the third year in a row, Twitter was named the figurative valedictorian, as it had the highest scores of all the websites. I admit, it surprises me because Twitter does have its share of security and privacy issues. It seems like Twitter accounts are regularly being hacked. On the other hand, how bad must security and privacy and consumer protection on websites be, especially when you consider the audit found that social media sites have the highest level of honor roll inductees? No wonder consumers are growing more concerned about their security and privacy online. If companies are failing to make a security honor roll, how else are they failing their customers’ privacy and security?
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba