A study released this week by a group of researchers from the University of Michigan shows an alarming picture after examining over 200 financial institutions websites and finding that over 75% of these had at least one design flaw.
It is important to note, however, the research did not focus on security holes per se, but design practices that could potentially put customers at risk. For example, about half of the bank websites showed a login box on insecure pages, while about a third redirected customers to external websites without any notification. In the other hand, making much of this information somewhat irrelevant is that research data was pulled from websites dating back from 2006, meaning banks should have resolved many of these issues by now, or so we hope.
A separate study also released this week looked into Corporate PCs and networks, showing bleak security practices with about 10 percent of a pool of 100,000 computers analyzed allowing the use of external storage or USB drives, 12 percent had missing anti-virus programs, and about 9 percent had peer to peer applications installed without authorization.