Association Security Needs Are Not Like Banks

Few if any associations will require security as rigorous as that of a bank or other financial institution. Where a bank might provide online access to its services and is likely to have an online application, it's very unlikely for security reasons to provide a fully automated online only registration in which customers assign their own user names and passwords. Because the bank controls access to one of the customer's most valuable assets, it will almost certainly take as many precautions as necessary to insure a high level of security. By their very nature, few traditional businesses are as security conscious as banks and it's natural for banks to carry this security awareness into new areas.

After an existing customer makes an online application to the bank, the bank will probably mail the necessary access information back to the customer's address that is already in the bank's records. In addition to a username and password the bank might require another identifier such as a personal identification number (PIN) to be entered when the customer attempts to access their account information online. Further the bank, like many credit card companies, might require an activation phone call from the customer's home phone before the account information can be used.

Because of the extreme sensitivity of the bank customer's information, the bank will go to the expense of establishing an elaborate and secure system. Further, the customer will accept and even expect such measures and the delays they entail because he or she wouldn't want to risk their bank account information being compromised. Also they have the same methods they've been using for years to accomplish those things they might do via online banking.

On the other hand, users of other online services are prone to believe the only security issue is the encryption of their credit card information. Convenience is a significant motivation for many online users. Association members may wait until they actually need something that they believe the association has online before attempting to retrieve it. Such persons will have little patience for multi step procedures that include significant delays. Almost any impediment to the rapid completion of the tasks they are trying to perform will cause some number of them to turn to alternative methods of accomplishing their goals.

Thus in some ways, non financial institutions have a more difficult time implementing adequate security systems. Though their security needs are less than those of financial institutions, they are still significant but they need to be implemented in ways that are almost transparent to users.

Top of Page - Site Map

Copyright © 2000 - 2006 by George Shaffer. This material may be distributed only subject to the terms and conditions set forth on http://GeodSoft.com/terms.htm. These terms are subject to change. Distribution is subject to the then current terms, or at the choice of the distributor, those defined in a verifiably dated printout or electronic copy of http://GeodSoft.com/terms.htm at the time of the distribution. Distribution of substantively modified versions of GeodSoft content is prohibited without the explicit permission of George Shaffer. Distribution of the work or derivatives of the work, in whole or in part, for commercial purposes is prohibited unless prior permission is obtained from George Shaffer. Distribution in accordance with these terms, for private, unrestricted and uncompensated public access, non profit, or internal company use is allowed.