Imagine walking into a Home Depot where hundred pound bags of nails were suspended over your head by sewing thread. At any moment the nails could fall on you and your family. How eager would you be to buy a hammer there? In their cavalier abuse of technology security that is apparently what they’ve been doing. And this time the nails fell on the heads of 56 million customers whose credit card information was stolen.
Companies around the world are responsible for information and technology that directly impacts the lives of their customers. Personal information, financial records, patient records all have the potential of causing massive difficulties if stolen or used inappropriately. And yet, these same companies continue to abuse that responsibility as well as ignore those professionals who make them aware of it. This is an architectural failure yes, but more importantly it is a failure of society to hold companies responsible and to implement a simple solution that works for other industries and professions.
Home Depot’s stock is expected to maintain or only take a small dip according to Forbe’s, and news outlets are acting as if that makes it ok. And yet as one reporter made clear, although it was Home Depot’s failure, it is the credit card companies and other businesses who will suffer from their mistake. Each stolen credit card will be used at multiple companies, many of which are small locally owned businesses. Each of these transactions, if they are caught at all, will need to be reversed and both the credit card company and the small business will suffer. And yet Home Depot’s stock will not be impacted.
It is time that we as professionals speak out against this kind of abuse of the system. That we require our businesses to be held to a higher standard, especially in areas where so many millions of real people are impacted. Just this week, in my Architecture Core course, in Sweden, I have heard many stories of poor decision making, lack of accountability and wasted resources in essential government and business technology implementation. This has to stop. Business must begin to take architecture and technology strategy seriously. If you are fed up with this kind of story, send in your thoughts and your case studies and Iasa will publish them. This is not in hope of focusing on the negative sides of technology but a call for accountability. Wasted government procurement raises taxes, poor technology rigor puts peoples lives at risk, inappropriate (dare I call it Agile) development practices destroy company profits and architects are the ones who can make a difference.
It is my opinion that Home Depot should foot the bill for every single fraudulent transaction that there lack of attention to security architecture creates. If you agree or disagree, please send us an email or comment on this article and we will publish the responses.
This is Paul Preiss, writing from the No Hype Zone.